b"Office of Audits and Evaluations\nReport No. AUD-12-011\n\n\nThe FDIC\xe2\x80\x99s Examination Process for Small\nCommunity Banks\n\n\n\n\n                                   August 2012\n\x0c                                      Executive Summary\n\n                                      The FDIC\xe2\x80\x99s Examination Process for Small\n                                      Community Banks\n                                                                                     Report No. AUD-12-011\n                                                                                                August 2012\n\nWhy We Did The Audit\nOn February 10, 2012, the Chairman of the United States Senate Committee on Banking, Housing, and\nUrban Affairs requested that the Inspectors General of the FDIC, the Department of the Treasury, the\nBoard of Governors of the Federal Reserve System, and the National Credit Union Administration\nconduct audits of their respective agencies\xe2\x80\x99 examination processes for small community banks and credit\nunions. The Chairman\xe2\x80\x99s request was prompted by concerns from community banks and credit unions that\nexaminations were being conducted without clear standards or consistent application of agency policies\nand procedures, which could discourage business growth and responsible lending. The request indicated\nthat the results of the audits would help the Committee to better understand the supervisory processes at\nthe agencies and facilitate the Committee\xe2\x80\x99s efforts to address concerns raised by community banks and\ncredit unions.\n\nThe objectives of our performance audit were to report on: (1) the FDIC\xe2\x80\x99s examination process for small\ncommunity banks, including examination timelines and how the FDIC ensures consistency in the\nadministration of examinations across the country, and (2) the ability of FDIC-supervised institutions to\nquestion examination results, such as through the Office of the Ombudsman (OO), the appeals process, or\ninformal channels, and the frequency and success of such appeals. The scope of our review, 2007-2011,\nwas selected to take into account examination timeframes and appeals processes both before and during\nthe financial crisis. The audit did not include an assessment of the adequacy or the effectiveness of these\nprocesses.\n\n\nBackground\nBank supervision and consumer protection are cornerstones of the FDIC\xe2\x80\x99s efforts to ensure the stability\nof, and public confidence in, the nation\xe2\x80\x99s financial system. The FDIC\xe2\x80\x99s supervision and consumer\nprotection programs promote the safety and soundness of FDIC-supervised institutions, help protect\nconsumer rights, and further community investment initiatives. As of December 31, 2011, the FDIC was\nthe primary federal regulator for 4,598 state-chartered financial institutions that were not members of the\nFederal Reserve System. A total of 4,293 (or 93 percent) of these institutions were small community\nbanks with assets totaling $1 billion or less.\n\nWithin the FDIC, the Division of Risk Management Supervision (RMS) has primary responsibility for the\nsafety and soundness of FDIC-supervised institutions. RMS conducts onsite risk management\nexaminations of institutions to assess their overall financial condition, management practices and policies,\nand compliance with applicable laws and regulations. During 2011, RMS conducted 2,712 statutorily-\nrequired risk management examinations. RMS also conducts specialty examinations that cover such areas\nas trust department operations, information technology controls, and institution compliance with the Bank\nSecrecy Act. During 2011, RMS conducted 6,002 specialty examinations. The FDIC\xe2\x80\x99s Division of\nDepositor and Consumer Protection (DCP) has primary responsibility for protecting consumer rights.\nDCP conducts onsite examinations of institutions to assess compliance with consumer protection laws\nand regulations and the extent to which institutions meet community needs under the Community\nReinvestment Act (CRA). During 2011, DCP conducted 1,757 CRA/compliance examinations. In\naddition, the FDIC\xe2\x80\x99s Office of Complex Financial Institutions (OCFI) has primary responsibility for\nproviding a comprehensive focus on the supervisory, insurance, and resolution risks presented to the\nFDIC by the largest and most complex financial institutions.\n\n\n\n                                  To view the full report, go to www.fdicig.gov\n\x0c  Executive Summary\n                                     The FDIC\xe2\x80\x99s Examination Process for Small\n                                     Community Banks\n                                                                                     Report No. AUD-12-011\n                                                                                                August 2012\n\n\nAudit Results\nThe FDIC has established and implemented a nationwide program for planning, conducting, reporting,\nand evaluating the effectiveness of its examinations of FDIC-supervised community institutions. With\nrespect to examination timelines, the risk profile of every bank is different, even within a similar size\nrange and rating, so actual examination hours and timeframes can vary. We did find that, in broad terms,\nthe cycle time for conducting risk management examinations increased significantly as the supervisory\nratings for, and condition of, the institution deteriorated. We also noted that overall cycle time for well-\nrated institutions (1 or 2 ratings) increased to a limited degree during the period covered by our review,\nwhich the FDIC attributed to policy changes that increased baseline procedures and allowed for more\nexaminer discretion in expanding the scope of their examinations, based on identified risks.\n\nAs it relates to the time it takes the FDIC to issue an examination report following onsite work, that phase\nof the examination process generally ranged from:\n\n     \xef\x82\xb7   2 to 4 weeks for institutions rated 1 or 2; and\n     \xef\x82\xb7   6 to 9 weeks for institutions rated 3, 4, or 5.\n\nThe difference in report processing timeframes can generally be attributed to the additional complexity\nand volume of deficiencies associated with troubled institutions, the level of review required to ensure\nthe reports fully support lower ratings and appropriate supervisory actions, and examiners working with\nbank management and other regulatory agencies to reach agreement on the examination findings and\nsupervisory actions before the final report is issued.\n\nWe also collected examination timeline statistics for compliance examinations. Generally, we identified\na trend similar to what we found with risk management examinations\xe2\x80\x94longer overall cycle times for\nlower-rated institutions. However, unlike risk management examinations, elapsed days between onsite\nexamination work and the issuance of the final report did not vary much according to ratings from 2009\nforward, averaging about 1 month.\n\nRegarding how consistently the FDIC administers examinations in its various regions, the FDIC has\nestablished the following controls and practices intended to promote a consistent examination process\nwhile being mindful that examiners must consider unique circumstances and risk factors associated with\neach institution:\n\n    \xef\x82\xb7    Examination policy and guidance.\n    \xef\x82\xb7    Training programs for examiners.\n    \xef\x82\xb7    Multiple levels of review for examination reports, including in certain circumstances by\n         headquarters officials.\n    \xef\x82\xb7    Standards and guidance for applying supervisory actions.\n    \xef\x82\xb7    Quality control reviews of key regional and field office examination activities.\n    \xef\x82\xb7    Coordination with other federal and state regulatory agencies on matters of mutual interest.\n\nConcerning the ability of FDIC-supervised institutions to question examination results, the FDIC\nencourages examiners and bankers to make a good-faith attempt to resolve disputes through informal\ndialogue during the examination. According to FDIC officials, many disputes are successfully resolved in\nthis manner. Other opportunities for such a dialogue include exit meetings with bank management,\n\n\n                                  To view the full report, go to www.fdicig.gov\n\x0c  Executive Summary\n                                    The FDIC\xe2\x80\x99s Examination Process for Small\n                                    Community Banks\n                                                                                    Report No. AUD-12-011\n                                                                                               August 2012\n\ndiscussions during the reporting process to clarify issues, and meetings with an institution\xe2\x80\x99s board of\ndirectors at which the examination results are presented. The FDIC also asks each institution, at the end\nof a risk management examination, to complete a Post-Examination Survey to help the FDIC in\nimproving the efficiency and quality of its examinations.\n\nWhen agreement on key issues such as examination ratings, loan loss reserve provisions, or classifications\nof significant loans cannot be reached informally, institutions may request a formal review by the Director\nof RMS, DCP, or OCFI, as appropriate. A total of 41 such requests were made during the 5-year period\nended December 31, 2011. Of this number, one was sustained and three were partially sustained.\nAccording to FDIC officials, few requests for review are sustained because the applicable Director\nusually finds that the initial determinations are consistent with FDIC policy.\n\nInstitutions that dispute the results of the directors\xe2\x80\x99 reviews may appeal to the Supervision Appeals\nReview Committee (SARC), which is outside of the examination and supervision process. The SARC\xe2\x80\x99s\ndecisions on material supervisory determinations are final. A total of 23 appeals were filed with the\nSARC during the 5-year period ended December 31, 2011. Of this number, one appeal was partially\nsustained. The remaining appeals were either denied or lacked grounds for an appeal to the SARC. In\nreviewing the SARC determinations for appeals that were denied, we noted that the SARC considered the\nunderlying merits of both the institutions\xe2\x80\x99 and the examiners\xe2\x80\x99 positions and, as such, considered the\nsubstance of the disagreement, and not simply whether or not the examiners followed established policy.\n\nIn addition, bankers may question examination results in enforcement action cases filed by the FDIC with\nthe Office of Financial Institution Adjudication (OFIA) administrative law judge, who conducts hearings\nand recommends decisions associated with formal enforcement actions. Bankers may also contact the\nFDIC\xe2\x80\x99s OO, which can be used to discuss and resolve concerns associated with any aspect of the\nexamination process in a confidential forum.\n\nFinally, while not directly related to the objectives of our audit, our report discusses various FDIC\ninitiatives used to further its dialogue and efforts to better understand the challenges and opportunities\nfacing community banks. Such actions help to ensure that the FDIC and others significant to the financial\nindustry identify and discuss community banking-related issues and take action to address those issues.\n\n\nCorporation Comments\nSubsequent to the issuance of our draft report, FDIC officials provided additional information for our\nconsideration, and we revised our report to reflect this information, as appropriate. On August 29, 2012,\nthe RMS Director provided a written response to a draft of this report on behalf of the Corporation. That\nresponse is provided in its entirety in Appendix 9.\n\nIn the response, the RMS Director noted the thoroughness of the draft report and concurred with our\nobservations about increased examination cycle and report processing timeframes. The Director also\nacknowledged the information in the report regarding quality control practices that promote consistency\nin the examination process and encourage examiners and bankers to informally resolve disputes during\nexaminations. Concerning our observations on the formal dispute resolution process, the Director\nconfirmed that changes to the decisional deadlines have enabled formal reviews and appeals to be\nprocessed within applicable timeframes.\n\n\n\n                                 To view the full report, go to www.fdicig.gov\n\x0c                                 Contents\n\n                                                                Page\nBackground                                                        2\n\nAudit Results                                                     4\n\nThe FDIC\xe2\x80\x99s Oversight of Community Banks                           6\n\n  Examination Timelines                                           7\n    Tracking and Measuring Examination Timeframes                 7\n    The Examination Process Tied to Available Timeframe Data      9\n\n   Control Processes for Examination Consistency                 16\n     Examination Standards and Guidance                          16\n     Examiner Training Activities                                17\n     Supervisory Review Process                                  18\n     Supervisory Actions                                         20\n     Quality Assurance Reviews and Other Tools for Monitoring    22\n       Examination Processes\n     Coordination with External Councils and Working Groups      24\n\nProtocols for Questioning FDIC Examination Results               26\n\n  Informal Protocols                                             27\n      Before and During the Onsite Examination                   27\n      Exit Meeting with Management                               28\n      Following the Onsite Examination                           28\n\n  Formal Protocols for Appealing Material Supervisory            29\n  Determinations\n     Definition of Material Supervisory Determinations           29\n     Requests for Review                                         30\n     Appeals to the Supervision Appeals Review Committee         32\n\n  Other Avenues for Questioning Examination Results              34\n     Administrative Law Judge Process                            34\n     Office of the Ombudsman                                     35\n     Other Points of Contact                                     37\n\nFDIC Initiatives Related to Community Banks                      37\n\n  FDIC Advisory Committee on Community Banking                   37\n\n  Other Initiatives                                              38\n\nCorporation Comments and OIG Evaluation                          38\n\x0c                                  Contents\n\n                                                                      Page\nAppendices\n  1. Objectives, Scope, and Methodology                                39\n  2. The FDIC\xe2\x80\x99s Examination Processes                                  42\n  3. Laws and Rules and Regulations                                    47\n  4. Examiner and Financial Institution Guidance                       49\n  5. Examiner Training                                                 52\n  6. FFIEC Task Forces                                                 54\n  7. Glossary of Terms                                                 55\n  8. Acronyms                                                          59\n  9. Corporation Comments                                              60\n\nTables\n   1. U.S. Institutions Supervised by the FDIC, FRB, and OCC as of      3\n        12/31/2011\n   2. FDIC Examinations, 2011                                           7\n   3. Risk Management Examination Benchmarks                            8\n   4. Compliance/CRA Examination Benchmarks                             9\n   5. Regional Reviews, 2007-2011                                      23\n   6. Frequency and Types of Requests for Review, 2007-2011            31\n   7. Frequency and Types of SARC-Level Appeals, 2007-2011             33\n   8. FDIC Enforcement Action Cases Referred to OFIA, 2007-2011        35\n   9. Examination Concerns Noted During Outreach Meetings,             36\n        2007-2011\n 10. Summary of OO Contacts by Major Issue Areas, 2007-2011            37\n 11. Examples of Laws and Rules and Regulations Applicable to the      47\n        FDIC\xe2\x80\x99s Examination and Supervision Processes\n 12. FFIEC Task Forces and Related Responsibilities and Duties         54\n\nFigures\n   1. Risk Management Examinations \xe2\x80\x93 Average Onsite Turnaround         10\n        Days for Institutions under $1 Billion in Assets, 2007-2011\n   2. Risk Management Examinations \xe2\x80\x93 Average Report Turnaround         11\n        Days for Institutions under $1 Billion in Assets, 2007-2011\n   3. Risk Management Examinations \xe2\x80\x93 Average Total Turnaround          12\n        Days for Institutions under $1 Billion in Assets, 2007-2011\n   4. Compliance Examinations \xe2\x80\x93 Average Onsite Turnaround Days         13\n        for Institutions under $1 Billion in Assets, 2007-2011\n   5. Compliance Examinations \xe2\x80\x93 Average Report Turnaround Days         14\n        for Institutions under $1 Billion in Assets, 2007-2011\n   6. Compliance Examinations \xe2\x80\x93 Average Total Turnaround Days          15\n        for Institutions under $1 Billion in Assets, 2007-2011\n   7. Overview of the Risk Management Examination Review Process       19\n\x0cFederal Deposit Insurance Corporation\n3501 Fairfax Drive, Arlington, Virginia 22226                                    Office of Inspector General\n\n\nDATE:                                       August 31, 2012\n\nMEMORANDUM TO:                              Martin J. Gruenberg\n                                            Acting Chairman\n\n\n                                            /Signed/\nFROM:                                       Jon T. Rymer\n                                            Inspector General\n\nSUBJECT:                                    The FDIC\xe2\x80\x99s Examination Process for Small Community\n                                            Banks (Report No. AUD-12-011)\n\n\nThis report presents the results of our audit of the FDIC\xe2\x80\x99s examination process for small\ncommunity banks. We initiated this audit in response to a request, dated February 10,\n2012, from the Chairman of the United States Senate Committee on Banking, Housing,\nand Urban Affairs (SBC Chairman) to the Inspectors General of the Department of the\nTreasury (Treasury), the Board of Governors of the Federal Reserve System (FRB), the\nFDIC, and the National Credit Union Administration (NCUA). The Chairman\xe2\x80\x99s request\nwas prompted by concerns from community banks and credit unions that examinations\nwere being conducted without clear standards or consistent application of agency policies\nand procedures, which could discourage business growth and responsible lending. The\nrequest indicated that the audit results would help the Committee to better understand the\nfederal banking agencies\xe2\x80\x99 supervisory processes and facilitate efforts to address concerns\nraised by community banks and credit unions.\n\nThe Treasury, FRB, and NCUA Inspectors General also initiated audits at their respective\nagencies in response to the SBC Chairman\xe2\x80\x99s request. We coordinated our audit scope\nand methodology with the other Inspectors General.\n\nAlthough the SBC Chairman\xe2\x80\x99s request specifically focused on small community banks\nand credit unions, the federal banking agencies do not have a standard definition for what\nconstitutes \xe2\x80\x9csmall\xe2\x80\x9d community banks. Therefore, for the purposes of this report, we\nfocused primarily on the processes applicable to \xe2\x80\x9ccommunity institutions,\xe2\x80\x9d which are\ngenerally defined by the federal banking agencies as having less than $1 billion in total\nassets.\n\nConsistent with the SBC Chairman\xe2\x80\x99s request, the audit objectives were to report on:\n\n     1. the FDIC\xe2\x80\x99s examination process for small community banks, including\n        examination timelines and how the FDIC ensures consistency in the\n        administration of examinations across the country; and\n\x0c    2. the ability of FDIC-supervised institutions to question examination results, such\n       as through the Office of the Ombudsman (OO),1 the appeals process, or informal\n       channels, and the frequency and success of such appeals.\n\nTo address our objectives, we collected and summarized relevant information on the\nFDIC\xe2\x80\x99s examination processes and the various means available to FDIC-supervised\ninstitutions to appeal or question examination results. The scope of our review,\n2007-2011, was selected to take into account examination timeframes and appeals\nprocesses both before and during the financial crisis. We confirmed the completeness of\nthe information we collected with FDIC divisions and offices; however, our audit did not\ninclude an assessment of the adequacy or effectiveness of these processes.\n\nWe conducted this performance audit in accordance with generally accepted government\nauditing standards. Appendix 1 of this report includes additional details on our\nobjectives, scope, and methodology. Appendices 2-6 provide overviews of the FDIC\xe2\x80\x99s\nexamination processes, laws and rules and regulations applicable to examination and\nsupervision activities, examiner and financial institution guidance, examiner training\nactivities, and the Federal Financial Institutions Examination Council\xe2\x80\x99s2 (FFIEC) task\nforces. Appendix 7 contains a glossary of key terms, and Appendix 8 contains a list of\nacronyms. The Corporation\xe2\x80\x99s comments on our report are presented in Appendix 9\n\n\nBackground\nThe purpose of federal bank supervision is to ensure that institutions throughout the\nfinancial system are operating in a safe and sound manner and complying with banking\nlaws and regulations in the provision of financial services. FDIC-insured institutions are\nsupervised by one of three federal banking agencies, as follows:\n\n    \xef\x82\xb7   The FDIC supervises all state-chartered banks and thrifts that are not members of\n        the Federal Reserve System.\n\n    \xef\x82\xb7   The FRB supervises state-chartered commercial banks that are members of the\n        Federal Reserve System.\n\n    \xef\x82\xb7   The Office of the Comptroller of the Currency (OCC) supervises all\n        federally-chartered banks and thrifts.\n\nThe FDIC and FRB share supervision of state-chartered banks and thrifts with the state\nbanking departments. In doing so, the federal and state regulators coordinate their\nsupervisory programs and, in many instances, alternate examinations or conduct joint\nexaminations. Higher-level coordination between the federal banking agencies and the\n\n1\n  See http://www.fdic.gov/regulations/resources/ombudsman/index.html for additional information on the\nFDIC\xe2\x80\x99s OO.\n2\n  Certain terms that are underlined when first used in this report are defined in Appendix 7, Glossary of\nTerms.\n\n\n                                                    2\n\x0cstates on policy matters is conducted through various channels, including the FFIEC and\nthe Conference of State Bank Supervisors (CSBS).\n\nThe FFIEC is a formal interagency body empowered to prescribe uniform principles,\nstandards, and report forms for the federal examination of financial institutions by the\nFDIC, FRB, OCC, NCUA, and the Consumer Financial Protection Bureau (CFPB) and to\nmake recommendations to promote uniformity in the supervision of financial institutions.\nIn 2006, the State Liaison Committee (SLC) was added to the FFIEC. The SLC was\nestablished by the FFIEC to encourage the application of uniform examination principles\nand standards by state and federal agencies and to allow state regulators to participate in\nthe development of those principles and standards. The SLC includes representatives\nfrom the CSBS, the American Council of State Savings Supervisors, and the National\nAssociation of State Credit Union Supervisors.\n\nBank supervision and consumer protection are cornerstones of the FDIC\xe2\x80\x99s efforts to\nensure the stability of, and public confidence in, the nation\xe2\x80\x99s financial system. The\nFDIC\xe2\x80\x99s supervision and consumer protection programs promote the safety and soundness\nof FDIC-supervised institutions, help protect consumer rights, and further community\ninvestment initiatives. As of December 31, 2011, the FDIC was the primary federal\nregulator for 4,598 state-chartered financial institutions that were not members of the\nFederal Reserve System. A total of 4,293 (or 93 percent) of these institutions were small\ncommunity banks with assets totaling $1 billion or less. The number and total assets of\nU.S. institutions supervised by each federal regulator are shown in Table 1 below.\n\n Table 1: U.S. Institutions Supervised by the FDIC, FRB, and OCC as of 12/31/2011*\n   Federal            Total U.S.          Total Community           Total Institution         Total Community\n  Regulator          Institutions           Institutions               Assets***            Institution Assets***\n FDIC**                         4,598                     4,293                  $2,341                          $864\n FRB                              828                       724                   1,891                           170\n OCC**                          1,931                     1,683                   9,651                           385\n Total                          7,357                     6,700                 $13,883                        $1,419\n Source: FDIC Division of Insurance and Research (DIR), Quarterly Banking Profile, Fourth Quarter 2011,\n and Smaller Bank Profile, Fourth Quarter 2011.\n * This table excludes the domestic branches of foreign banks operating in the United States.\n ** In accordance with the Dodd-Frank Wall Street Reform and Consumer Protection Act (the Dodd-Frank\n Act), the former Office of Thrift Supervision transferred primary oversight responsibilities for thrift institutions\n to the FDIC and OCC in July 2011.\n *** Institution assets are presented in billions of dollars.\n\nFrom 2007 to early 2011, one FDIC division was responsible for conducting all\nexaminations\xe2\x80\x94the Division of Supervision and Consumer Protection (DSC). In\nFebruary 2011, the FDIC implemented an organizational change that re-designated DSC\nas the Division of Risk Management Supervision (RMS), responsible for risk\nmanagement and specialty examinations. At the same time, the FDIC transferred\nresponsibility for conducting compliance and Community Reinvestment Act (CRA)\nexaminations to a new division\xe2\x80\x94the Division of Depositor and Consumer Protection\n(DCP). In addition, the Office of Complex Financial Institutions (OCFI) was created to\n\n\n                                                         3\n\x0cprovide a comprehensive focus on the supervisory, insurance, and resolution risks\npresented to the FDIC by the largest and most complex financial institutions.\n\n\nAudit Results\nThe FDIC has established and implemented a nationwide program for planning,\nconducting, reporting, and evaluating the effectiveness of its examinations of\nFDIC-supervised community institutions. With respect to examination timelines, the risk\nprofile of every bank is different, even within a similar size range and rating, so actual\nexamination hours and timeframes can vary. We did find that, in broad terms, the cycle\ntime for conducting risk management examinations increased significantly as the\nsupervisory ratings for, and condition of, an institution deteriorated. We also noted that\noverall cycle time for well-rated institutions (1 or 2 ratings) increased to a limited degree\nduring the period covered by our review, which the FDIC attributed to policy changes\nthat increased baseline procedures and allowed for more examiner discretion in\nexpanding the scope of their examinations, based on identified risks.\n\nAs it relates to the time it takes the FDIC to issue an examination report following onsite\nwork, that phase of the examination process generally ranged from:\n\n    \xef\x82\xb7   2 to 4 weeks for institutions rated 1 or 2; and\n    \xef\x82\xb7   6 to 9 weeks for institutions rated 3, 4, or 5.\n\nThe difference in report processing timeframes can generally be attributed to the\nadditional complexity and volume of deficiencies associated with troubled institutions,\nthe level of review required to ensure the reports fully support lower ratings and\nappropriate supervisory actions, and examiners working with bank management and\nother regulatory agencies to reach agreement on the examination findings and\nsupervisory actions before the final report is issued.\n\nWe also collected examination timeline statistics for compliance examinations.\nGenerally, we identified a trend similar to what we found with risk management\nexaminations\xe2\x80\x94longer overall cycle times for lower-rated institutions. However, unlike\nrisk management examinations, elapsed days between onsite examination work and the\nissuance of the final report did not vary according to ratings from 2009 forward,\naveraging about 1 month.\n\nRegarding how consistently the FDIC administers examinations in its various regions, the\nFDIC has established the following controls and practices intended to promote a\nconsistent examination process while being mindful that examiners must consider unique\ncircumstances and risk factors associated with each institution:\n\n    \xef\x82\xb7   Examination policy and guidance.\n    \xef\x82\xb7   Training programs for examiners.\n\n\n\n                                              4\n\x0c    \xef\x82\xb7   Multiple levels of review for examination reports, including in certain\n        circumstances by headquarters officials.\n    \xef\x82\xb7   Standards and guidance for applying supervisory actions.\n    \xef\x82\xb7   Quality control reviews of key regional and field office examination activities.\n    \xef\x82\xb7   Coordination with other federal and state regulatory agencies on matters of\n        mutual interest.\n\nConcerning the ability of FDIC-supervised institutions to question examination results,\nthe FDIC encourages examiners and bankers to make a good-faith attempt to resolve\ndisputes through informal dialogue during the examination. According to FDIC officials,\nmany disputes are successfully resolved in this manner. Other opportunities for such a\ndialogue include exit meetings with bank management, discussions during the reporting\nprocess to clarify issues, and meetings with an institution\xe2\x80\x99s board of directors (BOD) at\nwhich the examination results are presented. The FDIC also asks each institution, at the\nend of a risk management examination, to complete a Post-Examination Survey to help\nthe FDIC in improving the efficiency and quality of its examinations.\n\nWhen agreement on key issues such as examination ratings, loan loss reserve provisions,\nor classifications of significant loans cannot be reached informally, institutions may\nrequest a formal review by the Director of RMS, DCP, or OCFI, as appropriate. A total\nof 41 such requests were made during the 5-year period ended December 31, 2011. Of\nthis number, one was sustained and three were partially sustained. According to FDIC\nofficials, few requests for review are sustained because the applicable Director usually\nfinds that the initial determinations are consistent with FDIC policy.\n\nInstitutions that dispute the results of the directors\xe2\x80\x99 reviews may appeal to the\nSupervision Appeals Review Committee (SARC), which is outside of the examination\nand supervision process. The SARC\xe2\x80\x99s decisions on material supervisory determinations\nare final. A total of 23 appeals were filed with the SARC during the 5-year period ended\nDecember 31, 2011. Of this number, one appeal was partially sustained. The remaining\nappeals were either denied or lacked grounds for an appeal to the SARC. In reviewing\nthe SARC determinations for appeals that were denied, we noted that the SARC\nconsidered the underlying merits of both the institutions\xe2\x80\x99 and the examiners\xe2\x80\x99 positions\nand, as such, considered the substance of the disagreement, and not simply whether or not\nthe examiners followed established policy.\n\nIn addition, bankers may question examination results in enforcement action cases filed\nby the FDIC with the Office of Financial Institution Adjudication (OFIA) administrative\nlaw judge (ALJ), who conducts hearings and recommends decisions associated with\nformal enforcement actions. Bankers may also contact the FDIC\xe2\x80\x99s OO, which can be\nused to discuss and resolve concerns associated with any aspect of the examination\nprocess in a confidential forum.\n\nFinally, while not directly related to the objectives of our audit, our report discusses\nvarious FDIC initiatives used to further its dialogue and efforts to better understand the\nchallenges and opportunities facing community banks. Such actions help to ensure that\n\n\n                                             5\n\x0cthe FDIC and others significant to the financial industry identify and discuss community\nbanking-related issues and take action to address those issues.\n\n\nThe FDIC\xe2\x80\x99s Oversight of Community Banks\nAlthough community institutions with under $1 billion in assets hold less than 11 percent\nof total banking assets, they provide 37 percent of the loans made by the banking industry\nto small businesses.3 The FDIC serves as the primary federal regulator for the majority\nof community institutions in the nation.\n\nThe FDIC\xe2\x80\x99s supervision program, administered by RMS and DCP, promotes the safety\nand soundness of FDIC-supervised institutions, protects consumers\xe2\x80\x99 rights, and promotes\ncommunity investment initiatives by FDIC-supervised institutions. RMS has primary\nresponsibility for promoting safe and sound financial institution practices through:\n\n    \xef\x82\xb7   periodic, onsite risk management examinations;\n    \xef\x82\xb7   offsite monitoring,4 including the review of quarterly financial data;\n    \xef\x82\xb7   the issuance of supervisory and enforcement actions;\n    \xef\x82\xb7   the publication of guidance and policy;\n    \xef\x82\xb7   ongoing communications with industry officials; and\n    \xef\x82\xb7   the review of applications submitted by FDIC-supervised institutions.\n\nRMS also conducts specialty examinations, usually performed during risk management\nexaminations, that cover trust department operations, information technology controls,\nand institution compliance with the Bank Secrecy Act (BSA).\n\nDCP conducts separate examinations to assess an institution\xe2\x80\x99s compliance with consumer\nprotection statutes and regulations for all state nonmember banks supervised by the\nFDIC.5 DCP also conducts CRA examinations for all state nonmember banks to assess\nthe extent to which an institution is meeting community needs. As part of the compliance\nexamination process, the FDIC reviews substantive compliance issues as well as the\naccuracy and completeness of information and disclosures that institutions provide to\nconsumers.\n\nTable 2 provides statistics on the number and types of examinations conducted by the\nFDIC in 2011.\n\n\n\n3\n  This information was provided by the FDIC\xe2\x80\x99s DIR, as of March 31, 2012.\n4\n  The FDIC\xe2\x80\x99s offsite review program is designed to identify emerging supervisory concerns and potential\nproblems so that supervisory strategies can be adjusted appropriately. For example, offsite reviews are\nperformed quarterly for each bank that appears on the Offsite Review List. Regional management is\nresponsible for implementing procedures to ensure that Offsite Review findings are factored into\nexamination schedules and other supervisory activities.\n5\n  For FDIC-supervised banks under the primary jurisdiction of the CFPB, DCP officials stated that their\nreview is limited to the laws and regulations not enumerated in the Dodd-Frank Act.\n\n                                                    6\n\x0c    Table 2: FDIC Examinations, 2011\n    Examination Type                                  2011\n    Risk Management:\n     State Nonmember Banks                                        2,477\n     Savings Banks                                                  227\n     State Member Banks*                                              4\n     National Banks*                                                  1\n     Savings Associations*                                            3\n       Subtotal                                                   2,712\n    Compliance/CRA:\n     Compliance-only                                                921\n     Compliance/CRA                                                 825\n     CRA-only                                                        11\n       Subtotal                                                   1,757\n    Specialty:\n     Trust Department Operations                                    466\n     Information Technology Controls                              2,802\n     Compliance with BSA                                          2,734\n       Subtotal                                                   6,002\n    Total                                                        10,471\n    Source: FDIC 2011 Annual Report.\n    * The FDIC may conduct examinations of state member banks,\n    national banks, and savings associations, when needed for insurance\n    purposes.\n\nMore information on the FDIC\xe2\x80\x99s processes for risk management and compliance/CRA\nexaminations can be found in Appendix 2.\n\nExamination Timelines\nTracking and Measuring Examination Timeframes\n\nAlthough the FDIC has performance goals applicable to its various examination\nfunctions, we were informed by RMS senior management that they currently do not have\nspecific goals for examination timeframes,6 lest they create incentives that may cause\nexaminers to curtail work to meet time budgets when encountering potential problems.\nInstead, the examination team should contact their field and/or regional management\nwhen problems are encountered and additional time is needed to complete the\nexamination beyond the budget developed during pre-examination planning.\n\nDespite the absence of goals for examination timeframes, the FDIC does track key dates\nfor all risk management and compliance examinations, including:\n\n       \xef\x82\xb7   Examination Start Date, which is the date the examination team begins onsite\n           work;\n\n\n\n6\n We found that the FDIC did have timeframe goals for compliance/CRA examinations in 2010 and 2011.\nFor more details on these goals, see page 15 in this report.\n\n                                                      7\n\x0c      \xef\x82\xb7    Date Examination Completed, which is the date the examination team leaves the\n           bank and submits a draft examination report for supervisory review; and\n      \xef\x82\xb7    Date Mailed, which is the date the final report is mailed to the institution.7\n\nUsing these key dates, the FDIC tracks and monitors the time spent by the examination\nteam for fieldwork and report processing.\n\nIn addition, the FDIC has benchmarks that are used to project staffing requirements. The\nbenchmarks are estimates of staff hours for an average risk management examination of\nbanks by asset size and CAMELS8 ratings. According to RMS, the risk profile of every\nbank is different, even within a similar size range and rating, so RMS managers expect to\nsee actual examination hours vary from applicable benchmarks.\n\nThe current benchmarks used by RMS for risk management examinations range, as\nshown in Table 3, from 335 hours to 1,820 hours for institutions with up to $1 billion in\nassets, depending on asset size and ratings.\n\n    Table 3: Risk Management Examination Benchmarks\n          Asset Size              CAMELS                  CAMELS               CAMELS\n                                 Composite               Composite            Composite\n          ($ millions)         Rating of 1 or 2*         Rating of 3*       Rating of 4 or 5*\n           Under 50                  335                     515                  720\n            50-100                   455                     690                  975\n            100-150                  520                     795                 1,120\n            150-200                  575                     870                 1,225\n            200-250                  605                     915                 1,285\n            250-500                  710                    1,070                1,500\n           500-1,000                 850                    1,295                1,820\n    Source: RMS Business Analysis and Decision Support Section.\n    * Each benchmark represents examination hours for a risk management examination of an\n    FDIC-supervised institution with the associated asset size and rating.\n\nThe current benchmarks used by DCP for compliance/CRA examinations are shown in\nTable 4 for institutions with up to $1 billion in assets:\n\n\n\n7\n  DIR uses the examination mail date (also referred to as the \xe2\x80\x9ctransmittal date\xe2\x80\x9d) to determine when deposit\ninsurance assessment pricing changes become effective for financial institutions. See the FDIC OIG\xe2\x80\x99s\naudit report, Reliability of Supervisory Information Accessed Through the Virtual Supervisory Information\non the Net (ViSION) System (AUD-08-019, dated September 25, 2008), for more information.\n8\n  Examiners review the institution\xe2\x80\x99s risk exposure in six component areas, using what is known as the\nUniform Financial Institution Rating System (UFIRS), commonly referred to as the CAMELS rating\nsystem -- (Capital adequacy, Asset quality, Management, Earnings, Liquidity, and Sensitivity to market\nrisk). Evaluations of CAMELS components consider the institution\xe2\x80\x99s size and sophistication, the nature\nand complexity of its activities, and its risk profile. At risk management examinations, an institution is\nrated for each of the CAMELS components and assigned a composite rating, which generally bears a close\nrelationship to the component ratings. The component and composite ratings are scored on a scale of 1\n(best) to 5 (worst).\n\n                                                     8\n\x0c    Table 4: Compliance/CRA Examination Benchmarks\n       Asset Size                                                                Joint\n                          Compliance-Only            CRA-Only\n                                                                            Compliance/CRA\n       ($ millions)        Examinations*           Examinations*\n                                                                             Examinations*\n         Under 50                  170                    55                      225\n          50-100                   215                    65                      280\n          100-250                  250                    95                      345\n          250-500                  320                    130                     450\n         500-1,000                 380                    175                     555\n    Source: RMS Business Analysis and Decision Support Section.\n    * Each benchmark represents examination hours for a compliance and/or CRA examination of\n    an FDIC-supervised institution with the associated asset size.\n\nWe noted that RMS maintains tracking data on the actual hours spent on each\nexamination by examination type and by asset size and ratings categories. This\ninformation is used to show the range of examination hours above and below the\nbenchmarks and to report average examination hours, by region, compared to each\nbenchmark category. RMS managers use these reports to monitor examination staff\nhours against the benchmarks to detect trends and plan future staffing needs.\n\nThe Examination Process Tied to Available Timeframe Data\n\nFor both risk management and compliance examinations, RMS also maintains tracking\ninformation from the start to the end of onsite fieldwork and to the issuance of the final\nexamination report. The following sections present statistical data on the average\nturnaround times, in days, for risk management and compliance examinations.9 The\nscope of our review, 2007-2011, was selected to take into account examination\ntimeframes and appeals processes both before and during the financial crisis. Figures 1\nthrough 6 cover average onsite days, average report processing days, and average total\ndays combining both onsite and report processing times. RMS and DCP officials do not\nroutinely track the average days for pre-examination planning, but RMS officials\ninformed us that this phase of the examination typically takes 1-2 weeks.\n\n\n\n\n9\n Turnaround time is defined by RMS as the number of calendar days from the start of a process until the\nend of that process. For example, onsite turnaround time measures the number of calendar days from the\nday the examination team starts onsite work at the institution\xe2\x80\x99s offices until the day the team completes its\nonsite work.\n\n                                                      9\n\x0cRisk Management Examinations. As shown in Figure 1, the average length of time\nonsite for risk management examinations varied from 20 to 33 days for institutions rated\n1 or 2 in 2007-2011 and from 42 to 66 days for institutions rated 3, 4, or 5. The most\nnotable trends are that the number of onsite days increased 20-27 percent for 1- or 2-rated\ninstitutions, from their low in 2007 to their high in 2011, but onsite days decreased\n12-16 percent for 4- or 5-rated institutions from their high in 2008 to their low in 2011.\n\n Figure 1: Risk Management Examinations \xe2\x80\x93 Average Onsite Turnaround Days\n           for Institutions under $1 Billion in Assets, 2007-2011\n\n\n\n\n                            70\n                                            66\n                                    64\n\n                            60                        60\n                                            58                   58\n                                                                         57\n                                    54                54         57\n                                                                         52\n                            50\n                                                                 47\n   Average Number of Days\n\n\n\n\n                                            44                                        5 Rating\n                                                      43\n                                    42                                   43           4 Rating\n                            40\n                                                                                      3 Rating\n\n                                                                         33           2 Rating\n                                                                32\n                                                     29                               1 Rating\n                            30             28\n                                    26\n\n                                                      22         23      24\n                                    20      20\n                            20\n\n\n\n                            10\n\n\n\n                            0\n                                 2007    2008     2009        2010    2011\n                                                 Year End\n\n\n\nSource: RMS Business Analysis and Decision Support Section.\n\n\nRegarding the trend in 1- and 2-rated institutions, RMS officials indicated that, beginning\nin 2007, there was a change in examination procedures that increased the baseline\nprocedures and allowed for more examiner discretion in expanding the scope of\nexaminations, depending on what examiners found onsite. Also, as RMS hired more\nexamination staff, there was more capacity to review areas of potential weakness in well-\nrated banks, as well as new staff to train.\n\nWith respect to the trend in 4- and 5-rated institutions, RMS officials indicated that\nexaminations with initial downgrades to problem institution status typically took more\ntime than subsequent examinations, where problems had already been identified. The\nmajority of problem institutions were initially downgraded between 2008 and early 2010,\nso RMS officials were not surprised that examination days trended downward in these\ninstitutions.\n\n\n\n\n                                                         10\n\x0cFigure 2 shows that average report turnaround days varied widely in the beginning years\nof the recent financial crisis, rising significantly from 2007 to 2008 for banks rated 2, 3,\n4, or 5, but began to stabilize or decrease in 2009-2011. In addition, the turnaround time\nfor that phase of the examination process generally ranged from:\n\n                             \xef\x82\xb7   2 to 4 weeks for institutions rated 1 or 2; and\n                             \xef\x82\xb7   6 to 9 weeks for institutions rated 3, 4, or 5.\n\nThe difference in processing timeframes between well-rated and troubled institutions can\ngenerally be attributed to the additional complexity and volume of deficiencies associated\nwith the troubled institutions, the level of review required to ensure the reports fully\nsupported lower ratings and appropriate supervisory actions, and examiners working with\nbank management and other regulatory agencies to reach agreement on the examination\nfindings and supervisory actions before the final report was issued.\n\nFigure 2: Risk Management Examinations \xe2\x80\x93 Average Report Turnaround Days\n          for Institutions under $1 Billion in Assets, 2007-2011\n\n\n\n                            70                        69\n\n                                                      65\n                                         59                                           60\n                            60                       59\n                                                                    56                        57\n                                                                                      54\n                                                                    53                        54\n                                                                      53\n                            50                                                        49\n   Average Number of Days\n\n\n\n\n                                      42                                                      45   5 Rating\n                                                                                                   4 Rating\n                            40\n                                                                                                   3 Rating\n                                                                                                   2 Rating\n                                                                     31               32\n                                                                                                   1 Rating\n                            30                        29                                      30\n\n                                           22\n                            20      21\n                                                                     15               16\n                                                                                              16\n                                                      13\n                                         12\n                            10\n\n\n\n                            0\n                                    2007           2008          2009              2010    2011\n                                                                Year End\n\n\n\nSource: RMS Business Analysis and Decision Support Section.\n\n\nAccording to RMS officials, the trends in Figure 2 reflect the precipitous decline in the\nindustry beginning in 2007 and 2008, when problems were first identified and initial\ndowngrades were made. Processing times began to stabilize as additional report\nreviewers were added in the regional offices and both examiners and review staff became\naccustomed to addressing the common problems they were seeing.\n\n\n\n\n                                                                        11\n\x0cAs reflected in Figure 3, the total turnaround days for risk management examinations,\ncombining both onsite and report processing times, show significant increases from 2007\nto 2008 for banks rated 2, 3, 4, or 5, reflecting the increase in report processing times and\nthen stabilization over the years 2009-2011.\n\n Figure 3: Risk Management Examinations \xe2\x80\x93 Average Total Turnaround Days\n           for Institutions under $1 Billion in Assets, 2007-2011\n\n\n\n                            140\n                                             131\n                            130\n                                            127\n                            120                                  118\n                                    113                 113\n                                                                 110       114\n                            110                         110                107\n                                             103\n                            100                        96        96\n                                                                                         5 Rating\n   Average Number of Days\n\n\n\n\n                            90     85\n                                                                           89\n                                                                                         4 Rating\n                                     84\n                            80                                                           3 Rating\n\n                            70                                                           2 Rating\n                                                                 65\n                                                        60                               1 Rating\n                            60                                             62\n                                             56\n                                     48\n                            50\n                                                                 39\n                            40                          37                 40\n                                     32      33\n                            30\n\n                            20\n\n                            10\n\n                             0\n                                  2007    2008      2009      2010      2011\n\n                                                   Year End\n\n\nSource: RMS Business Analysis and Decision Support Section.\n\n\nAs noted for the previous figures, RMS officials explained that the overall trends\nobserved were caused by the combination of changes in examination procedures in 2007,\nthe decline in ratings beginning in 2007, the significant addition of examination and\nreview staff to address the additional workload, and the subsequent stabilization of the\nindustry.\n\n\n\n\n                                                        12\n\x0cCompliance Examinations. For purposes of presenting meaningful information\npertaining to the timeframes for compliance examinations, we excluded timeframes for\nCRA performance evaluations (which are rarely conducted as stand-alone assignments)\nand instances where compliance examinations and CRA performance evaluations were\nconducted together. In addition, we found that the statistics for compliance examinations\nreflected few, if any, institutions rated 4 or 5 during 2007-2011.10 This caused the\nturnaround days associated with those ratings to vary widely and did not provide\nsufficient information for comparison and analysis purposes. As a result, we omitted this\ndata from our analysis.11\n\nFigure 4 shows wide variability in the average onsite turnaround days for institutions\nwith a compliance rating of 3, which we attribute to the low level of institutions receiving\nthat rating. Generally, we identified a trend similar to what we found with risk\nmanagement examinations\xe2\x80\x94longer overall cycle times for these lower-rated institutions.\nThe average onsite turnaround days for institutions rated 1 or 2 also show some\nvariability, but no significant trends.\n\nFigure 4: Compliance Examinations \xe2\x80\x93 Average Onsite Turnaround Days\n          for Institutions under $1 Billion in Assets, 2007-2011\n\n\n\n\n                                160\n\n                                140                                   144\n                                         129\n       Average Number of Days\n\n\n\n\n                                120\n                                                                                      113\n                                100                                                                      3 Rating\n                                                          85\n                                80                                                                       2 Rating\n                                                                                                         1 Rating\n                                60               54\n\n                                                  38\n                                40                          34        33              40\n                                         27       26\n                                                           20         24              24\n                                20       22\n\n                                 0\n                                      2007     2008     2009      2010            2011\n                                                       Year End\n\n\n\nSource: RMS Business Analysis and Decision Support Section.\n\n\n\n\n10\n   Similar to risk management examinations, compliance examinations also provide a rating from 1 to 5,\nwith 1 indicating a strong compliance position and 5 indicating an institution in need of the strongest\nsupervisory attention.\n11\n   The number of institutions that received a compliance rating of 3 was also low, ranging from 19 to 73\ninstitutions in any particular year, but we decided to include the data for 3-rated institutions in Figures 4, 5,\nand 6 because the information showed a steady trend for the average report turnaround days in Figure 5.\n\n\n\n                                                            13\n\x0cAnother trend that we identified in the timeframe data for compliance examinations was\nthat average report processing times increased significantly from 2007 to 2011 for\ninstitutions rated 1 or 2. Specifically, as shown in Figure 5, the average report turnaround\ndays increased from 12 days to 32 days for 1-rated institutions and from 18 days to\n30 days for 2-rated institutions. There was little variation in the average report\nturnaround days for 3-rated institutions.\n\nFigure 5: Compliance Examinations \xe2\x80\x93 Average Report Turnaround Days\n          for Institutions under $1 Billion in Assets, 2007-2011\n\n\n\n\n                               40\n                                                       35       35\n                                             31          32           32\n                                      31\n      Average Number of Days\n\n\n\n\n                                                        29      29          31\n                               30             27                                      3 Rating\n                                                                     30\n                                                                28\n                                                                                      2 Rating\n\n                               20    18     18                                        1 Rating\n\n                                      12\n                               10\n\n\n\n                               0\n                                    2007   2008     2009      2010   2011\n                                                   Year End\n\n\n\nSource: RMS Business Analysis and Decision Support Section.\n\n\nAccording to DCP management, the increase in the turnaround times was the result of\nseveral changes in DCP\xe2\x80\x99s examination process and staffing. Starting in 2008, DCP\nintroduced several new examination processes as a result of regulatory changes. These\nchanges included guidance related to third-party oversight, pre-exam planning\nprocedures, and changes to consumer protection laws and regulations. In addition, DCP\nchanged its consultation process in response to increased changes in financial products,\noften offered by third-parties, which required additional review of complex issues.\n\nIncreases in compliance examination staff over the past several years also required\nincreased training and development. Field supervisors are delegated authority to process\n1- and 2-rated reports without significant issues but, as a result of the increased need for\ntraining and development of staff, many of the 1- and 2-rated reports were reviewed by\nDCP review examiners, extending the review timeframes. DCP officials noted that\nalthough the turnaround time had increased, it was still within established timeframes.\n\n\n\n\n                                                        14\n\x0cFigure 6 shows the average total turnaround times for compliance examinations,\ncombining both the average onsite and report turnaround days.\n\nFigure 6: Compliance Examinations \xe2\x80\x93 Average Total Turnaround Days\n          for Institutions under $1 Billion in Assets, 2007-2011\n\n\n\n\n                              200\n                              180                                              179\n                                                                                                           3 Rating\n                              160        160\n     Average Number of Days\n\n\n\n\n                                                                                            144            2 Rating\n                              140\n                                                                 120                                       1 Rating\n                              120\n                              100\n                                                     85\n                              80\n                                                     65            66          63           70\n                              60                                              53            56\n                                        44           44           49\n                              40         34\n                              20\n                               0\n                                      2007        2008         2009         2010        2011\n                                                              Year End\n\n\nSource: RMS Business Analysis and Decision Support Section.\n\n\nWe identified FDIC timeframe goals for compliance/CRA examinations in 2010 and\n2011, as follows:\n\n                \xef\x82\xb7               2010: Issue final examination reports for at least 90 percent of favorably-rated\n                                institutions within 90 days of the start of the examination for compliance-only\n                                examinations and within 120 days of the start of the examination for joint\n                                compliance/CRA examinations.\n\n                \xef\x82\xb7               2011: Issue final examination reports for at least 90 percent of favorably-rated\n                                institutions within 90 days of the start of onsite compliance-only or CRA-only\n                                examinations and within 120 days of the start of joint onsite compliance/CRA\n                                examinations.\n\n                \xef\x82\xb7               2011: Issue final examination reports for at least 90 percent of unfavorably-\n                                rated institutions within 150 days of the start of onsite compliance-only or\n                                CRA-only examinations and within 180 days of the start of joint onsite\n                                compliance/CRA examinations.\n\nAccording to the FDIC\xe2\x80\x99s Annual Plans, the Corporation successfully met these\nperformance targets. Additionally, DCP officials indicated that they continue to measure\nexamination performance in 2012.\n\n\n\n                                                                   15\n\x0cControl Processes for Examination Consistency\nTo address consistency in the administration of risk management and compliance/CRA\nexaminations across the country, the FDIC has a framework of controls in place that are\ndesigned to consider the unique circumstances of each institution and the community in\nwhich it operates, as well as to ensure that institutions in similar conditions are treated in\nthe same manner. The FDIC\xe2\x80\x99s control framework includes examination standards and\nguidance and examiner training. In addition, the FDIC ensures that appropriate\nsupervision is provided in a consistent manner using a multi-layered supervisory process\nthat involves:\n\n     \xef\x82\xb7   all levels of RMS supervision12 (field offices, regional offices, and headquarters)\n         to review examination results, examiner conclusions, and the resulting\n         examination reports and, when deemed appropriate, to consider the applicability\n         of informal supervisory or formal enforcement actions; and\n\n     \xef\x82\xb7   ongoing interaction and coordination with financial institutions\xe2\x80\x99 management and\n         BODs.\n\nThe FDIC\xe2\x80\x99s control framework also includes efforts to monitor bank performance and\nresponses to examination results and internal review and quality assurance processes to\nfurther promote consistency in its examinations and supervision. Further, the FDIC\ncoordinates with a number of external councils and working groups on the federal and\nstate levels to assure that its examination and supervision of community banks are\nconsistent with other financial regulatory agencies.\n\nExamination Standards and Guidance\n\nThe FDIC promotes safe and sound financial institution practices through a number of\nmeans, including conducting regular risk management examinations. Further, when\nappropriate, the FDIC has a range of informal and formal corrective actions available to\nresolve supervisory concerns identified during risk management examinations. The\nfollowing sections discuss laws, rules and regulations, policies, and practices that\npromote and help ensure consistent treatment of institutions in similar conditions.\n\nSpecific Examination Standards Established by the FDI Act and Rules and\nRegulations. In addition to Section 10(b) of the FDI Act, which governs the FDIC\xe2\x80\x99s\nspecific examination authority, the FDI Act also provides additional authorities, such as\nthose related to investigations and Prompt Corrective Actions (PCA) that govern the\nFDIC\xe2\x80\x99s examination, supervision, and enforcement processes. Further, the FDIC Rules\nand Regulations provide guidance for examinations conducted by FDIC examiners. Such\nguidance relates, but is not limited, to BSA compliance, restrictions related to brokered\n\n12\n  The FDIC\xe2\x80\x99s internal control framework relates to both risk management and compliance/CRA\nexaminations. Appendix 2 provides information regarding both types of FDIC examination processes. As\nindicated in Appendix 2, the compliance/CRA processes are similar to those used for risk management\nexaminations.\n\n                                                 16\n\x0cdeposits, and safety and soundness standards. Appendix 3 provides examples of the laws\nand rules and regulations applicable to the FDIC\xe2\x80\x99s examination and supervision\nprocesses.\n\nExamination Guidance. As referenced earlier in the report, federal and state regulatory\nagencies, including the FDIC, use a standard system known as the Uniform Financial\nInstitutions Rating System (UFIRS) to rate financial institutions. The UFIRS was\nadopted by the FFIEC on November 13, 1979. UFIRS is commonly referred to as the\nCAMELS rating system. Various changes in the banking industry and regulatory policies\nprompted a revision of the rating system in December 1996. The revisions to UFIRS\ninclude the addition of a sixth component addressing sensitivity to market risk, the\nexplicit reference to the quality of risk management processes in the management\ncomponent, and the identification of risk elements within the composite and component\nrating descriptions.\n\nThe UFIRS takes into consideration certain financial, managerial, and compliance factors\nthat are common to all institutions. Under this system, the supervisory agencies endeavor\nto ensure that all financial institutions are evaluated in a comprehensive and uniform\nmanner, and that supervisory attention is appropriately focused on institutions exhibiting\nfinancial and operational weaknesses or adverse trends. Over the years, the UFIRS has\nproved to be an effective supervisory tool for evaluating financial institutions on a\nuniform basis and for identifying institutions requiring special attention.\n\nIn addition, examiners use the Uniform Interagency Consumer Compliance Rating\nSystem to rate financial institutions during compliance/CRA examinations. As with the\nUFIRS, each bank is assigned a consumer compliance rating based on a scale of 1\nthrough 5 in increasing order of supervisory concern.\n\nFurther, the FDIC provides guidance to its examination staff and supervised financial\ninstitutions primarily by issuing Regional Directors (RD) Memoranda, Financial\nInstitution Letters (FIL), examination manuals, and other forms of guidance, such as\nExamination Documentation (ED) Modules. Such guidance promotes consistency in the\nexamination process. The guidance covers a variety of topics, informs financial\ninstitutions of supervisory expectations, and, generally, communicates the FDIC\xe2\x80\x99s\nexpectations and authorities. Appendix 4 provides additional information regarding the\npolicy and examination guidance the FDIC provides to its examination staff and financial\ninstitutions.\n\nExaminer Training Activities\n\nThe FDIC provides training to both risk management and compliance examination staff\nthrough various means. To ensure that its examination staff is aware of the Corporation\xe2\x80\x99s\nexpectations, training requirements, required commissions, and benchmarks, the FDIC\nhas issued substantial guidance that outlines such training and that contributes to\nconsistency in the training and examination processes. The FDIC\xe2\x80\x99s training activities are\nused to reinforce and provide practical experience regarding the FDIC\xe2\x80\x99s standards\nestablished in applicable guidance; laws and rules and regulations; and supervisory\n\n\n                                           17\n\x0cposition, expectations, and authorities. FDIC risk management and compliance\nexaminers must satisfactorily complete a required course curriculum and a program of\non-the-job training (OJT) before they can become commissioned examiners. The FDIC\nalso supports its examination staff in the pursuit of professional certifications, such as\nthose related to BSA and anti-money laundering (AML), public accounting, fraud,\nfinancial analysis, information systems, and bank auditing. Appendix 5 provides\nadditional information regarding the FDIC\xe2\x80\x99s examiner training activities, including the\nrole of the FDIC\xe2\x80\x99s Corporate University. As discussed later in this report, the FFIEC also\nprovides training for the FDIC and the other regulatory agencies.\n\nSupervisory Review Process\n\nThe FDIC\xe2\x80\x99s organizational structure includes six regional offices and two area offices.\nEach of the area offices reports to and is part of a regional office. The regional and area\noffices are each responsible for a number of field offices. As a result of this widely-\ndistributed workforce, the Corporation faces a constant challenge in maintaining a\nconsistent approach to common issues and risks. In that regard, the FDIC uses a multi-\nlevel examination process to conduct, supervise, and review examinations that includes:\n\n     \xef\x82\xb7   offsite pre-examination planning and analysis;\n     \xef\x82\xb7   risk-scoping activities to focus resources on a bank\xe2\x80\x99s highest risk areas;\n     \xef\x82\xb7   onsite execution of the examination; and\n     \xef\x82\xb7   ongoing communication with the financial institution management and BODs\n         before, during, and after the examination.\n\nThe FDIC\xe2\x80\x99s multi-level supervisory review process includes examiners-in-charge (EIC)\nand supervisors in the field or regional offices and is in place to assure consistency in its\nsupervision and examination processes. Before being issued in final form, the\nexamination report undergoes a quality control review by the responsible field or regional\noffice to ensure the content is accurate, the findings are consistent with FDIC policies,\nand the tone is appropriate given the institution\xe2\x80\x99s overall condition. In certain cases, such\nas when formal enforcement actions are involved, financial institutions are rated 4 or 5\n(or in some cases 3), or other significant examiner concerns are identified, the review and\napproval process will also involve RMS headquarters. According to FDIC officials, this\nprocess helps to ensure that agency guidance and the supervisory treatment of financial\nconditions are applied in a consistent manner.\n\nRegional office involvement in the supervisory approach to financial institutions is\nsignificant to the FDIC\xe2\x80\x99s overall supervisory process. For example, regional office case\nmanagers, in conjunction with regional office senior management, coordinate and direct\nthe RMS supervisory program using a top-down approach to develop strategies and\nexamination activities for all insured depository institutions.13 The primary\nresponsibilities of case managers include assessing risk to the Deposit Insurance Fund\n(DIF) and implementing the appropriate supervisory approach to eliminate or manage\n\n13\n  According to DCP officials, their review process is very similar, with DCP review examiners performing\nthe same responsibilities as RMS case managers.\n\n                                                  18\n\x0csuch risk. To properly assess risk, case managers must maintain an informed position on\nthe financial institutions for which they are responsible. To achieve that goal, case\nmanagers review examination reports and correspondence, review press releases and\nother media sources, consider offsite monitoring results, and communicate with other\nregulatory agencies and financial institution officials.\n\nRegional office involvement in the review is not limited to case managers. As indicated\nbelow in Figure 7, the FDIC\xe2\x80\x99s risk management examination review process also\ninvolves senior regional office management and, in some cases, RMS headquarters.\n\nFigure 7: Overview of the Risk Management Examination Review Process\n\n\n\n\nSource: Government Accountability Office (GAO) -11-489, Enhanced Guidance on Commercial Real Estate\nRisks Needed, May 19, 2011.\n * The numbers in the circles are composite CAMELS ratings.\n Notes: ROE is an acronym for Report of Examination.\n A problem bank memorandum documents the FDIC\xe2\x80\x99s concerns with an institution and the corrective\n action in place or to be implemented. A problem financial institution is defined as any insured institution\n that has been assigned a composite rating of 4 or 5,or 3 for certain financial institutions, by its primary\n federal regulator or by the FDIC.\n\nIn addition, the review process may include consultation with the FDIC\xe2\x80\x99s Legal Division.\nGenerally, the mission of the Legal Division is to provide the FDIC with timely,\ncomprehensive, and cost-effective legal services that support the Corporation\xe2\x80\x99s oversight\nof the safe and sound operation of insured depository institutions; compliance with\napplicable civil and criminal laws and regulations, including appropriate measures in\nresponse to violations; and its responsibilities related, but not limited, to the resolution of\nfinancially troubled and insolvent institutions.14\n\nFor example, the Legal Division\xe2\x80\x99s Enforcement Section works closely with bank and\nreview examiners to ensure bank compliance with banking and consumer protection laws\nand regulations, and to ensure the continued safety and soundness of insured depository\ninstitutions. In addition, where unsafe or unsound practices, violations of law, or unsafe\nor unsound conditions are discovered, usually as a result of the examination of a financial\ninstitution or a consumer complaint, appropriate action is taken to ensure correction. The\n\n14\n  DCP officials indicated that the Legal Division provides support to DCP regarding significant consumer\nprotection violations and needed enforcement actions.\n\n                                                      19\n\x0cEnforcement Section reviews enforcement cases provided by the regional offices to\nensure compliance with FDIC policies and substantive case law. Further, the\nEnforcement Section also works with the regional offices and other bank regulatory\nagencies to promote consistent enforcement policies and procedures. In particular, the\nLegal Division provides assistance when (1) there is a need to determine whether there\nare apparent violations of laws and regulations and (2) examiners recommend imposing a\nformal enforcement action based on examination results.\n\nFurther, the FDIC\xe2\x80\x99s Chief Accountant contributes to consistency in the examination and\nsupervision processes by participating in the development of the FDIC\xe2\x80\x99s regulations and\nsupervisory policies; reviewing institutions\xe2\x80\x99 accounting for specific transactions, when\ncalled upon to do so; and ensuring the appropriate and consistent application of\nsupervisory and examination criteria related to significant economic and accounting\nissues.\n\nSupervisory Actions\n\nProblems or concerns that may justify the need for the FDIC to consider or impose a\nsupervisory or enforcement action against a bank or a bank official or director may come\nto the FDIC\xe2\x80\x99s attention in a number of ways. The majority of the actions result from\nexaminations. The remaining actions result from bank employees or customers who\nvolunteer information concerning irregular activities in banks. Such disclosures could, in\nturn, lead to FDIC visitations or an investigation. Financial information that may justify\nenforcement action may also be obtained from the reports of condition and income filed\nby banks on a quarterly basis.\n\nThe FDIC\xe2\x80\x99s Risk Management Manual of Examination Policies (Examination Manual)\nrequires examiners to document their findings through a combination of brief summaries,\nsource documents, report comments, and other workpapers that describe examination\nresults, including the bank\xe2\x80\x99s financial condition , its management practices, and\nexamination conclusions. Although examination documentation may be maintained in\nvarious ways, examiners must securely retain appropriate supporting records of all major\nexamination conclusions, recommendations, and assertions detailed in the examination\nreport. Based on the examination results, examiners recommend appropriate corrective\naction, if any, to their field and regional office officials. Especially in a bank deemed to\nbe a \xe2\x80\x9cproblem bank,\xe2\x80\x9d or in unusual situations, examination reports are discussed with the\nfield office supervisor during the examination. Conversely, when an examiner identifies\nproblems of a relatively inconsequential nature, such as those not impacting the\nsoundness of the institution, the examiner will make the bank aware of the problem and\nwork with bank management towards a resolution. If the examiner has confidence that\nthe bank can and will rectify the problem, no further action may be required at that time.\n\nIf it becomes clear that informal cooperation will not be effective or identified problems\nare serious, the FDIC has a wide range of both informal supervisory and formal\nenforcement actions that it may use. The supervisory and enforcement options available\nto the FDIC, from the least to the most severe, are as follows:\n\n\n\n                                             20\n\x0c   \xef\x82\xb7   moral suasion and other informal means;\n   \xef\x82\xb7   examination of institutions;\n   \xef\x82\xb7   written agreements, bank board resolutions (BBR), memoranda of understanding\n       (MOU), and formal agreements;\n   \xef\x82\xb7   cease and desist/consent orders and PCA directives against institutions, officials,\n       or other participants;\n   \xef\x82\xb7   removal proceedings against officers, directors, or other participants;\n   \xef\x82\xb7   prohibition orders against officers, directors, or other participants;\n   \xef\x82\xb7   civil money penalties (CMP) imposed against institutions and their officials; and\n   \xef\x82\xb7   termination of deposit insurance.\n\nActions taken by the FDIC to address consistency in the consideration and imposition of\nsupervisory actions involve the use of specific guidance and the examination team\xe2\x80\x99s and\nfield office\xe2\x80\x99s coordination with regional officials, the Legal Division, and FDIC\nheadquarters.\n\nThe FDIC has issued specific guidance in the Formal and Informal Action Procedures\nManual (FIAP Manual) and RD memoranda to inform its examination staff as to when\nand what type of informal or formal supervisory actions should be considered as a result\nof an examination. In addition to complying with stated guidance, before imposing\ninformal or formal actions against financial institutions, examiners consult with and\ndiscuss examination results and their concerns regarding financial institution operations,\ncompliance with laws and regulations, and contraventions of policy with examination\nteam members and their respective field and regional office supervisors. Jointly, the\nexamination team and regional and field office management decide whether supervisory\naction is warranted, and if so, what type of action is appropriate.\n\nEach level of FDIC supervision has certain delegated authorities. However, decisions\nregarding the appropriate FDIC supervisory strategy for community banks are made in a\ncollaborative manner with all levels of FDIC supervision available for review and\nconsultation. More specifically, examiners, case managers, and FDIC regional office\nsupervisors consult and coordinate with regional office Legal Division representatives\nand, if necessary, RMS headquarters officials regarding whether and what type of\nsupervisory actions should be imposed against FDIC-supervised financial institutions.\n\nAfter the regional office has completed its review, certain enforcement actions, such as\nprohibition and removal stipulations and notices, are forwarded under the Regional\nDirector\xe2\x80\x99s signature (with concurrence by the Legal Division\xe2\x80\x99s Regional Counsel) to the\nappropriate RMS headquarters officials for review and approval. RMS headquarters\nofficials also review problem bank examination reports and memoranda submitted by the\nregional offices and, if necessary, consent or cease and desist orders, as well as\nsupervisory strategies for certain FDIC-insured and/or supervised financial institutions.\n\n\n\n\n                                            21\n\x0cQuality Assurance Reviews and Other Tools for Monitoring Examination\nProcesses\n\nThe RMS Internal Control and Review Section (ICRS) helps to ensure consistency in the\nCorporation\xe2\x80\x99s examination and supervision processes. RMS established ICRS to\nfacilitate the review of the activities and the overall operational efficiency and\neffectiveness of RMS. More specifically, ICRS:\n\n   \xef\x82\xb7   supports and enhances RMS\xe2\x80\x99s ability to identify and mitigate risk by developing,\n       implementing, overseeing, and coordinating internal review, audit liaison, internal\n       control, and risk management programs;\n\n   \xef\x82\xb7   helps to ensure that RMS identifies, mitigates, and manages high-risk banking\n       practices, evolving risks, challenges, and operating risks using sound internal\n       control procedures;\n\n   \xef\x82\xb7   performs internal reviews, including regional office reviews; and\n\n   \xef\x82\xb7   provides expertise in internal control and risk management matters.\n\nDCP, established in 2011, also has an internal control and review function (ICR). The\nDCP Operations and Technical Systems Section\xe2\x80\x99s ICR has processes, comparable to\nICRS, to promote consistency in the compliance examination process. In addition to\nperforming internal reviews and providing expertise in internal control and risk\nmanagement matters, ICR provides DCP senior management with a performance\noverview of the regions\xe2\x80\x99 systems, controls, and decision-making processes, including\nfeedback of the overall operations.\n\nICRS and ICR conduct concurrent but separate reviews of their six regional offices on a\ntriennial cycle. The objectives of these regional reviews are to assess management\xe2\x80\x99s\nsystems, controls, decision-making processes, and supervisory strategies and to report\nfindings to senior RMS management. The general scope of the reviews includes, but is\nnot limited to:\n\n   \xef\x82\xb7   Performing limited risk-focused reviews of the regions\xe2\x80\x99 supervisory actions and\n       responses over time, including detailed reviews of risk management and\n       compliance examination reports and CRA performance evaluations, institution\n       applications, and supervisory strategies for a sample of institutions.\n\n   \xef\x82\xb7   Ensuring that the FDIC uses a consistent approach, across all regions, in\n       examination procedures, ratings, and corrective actions required when examining\n       banks for compliance with consumer protection regulations.\n\n   \xef\x82\xb7   Determining the regions\xe2\x80\x99 timeliness and effectiveness of supervisory actions and\n       communications and ensuring that the regional offices effectively monitor the\n       compliance of FDIC-supervised institutions with informal and formal actions.\n\n\n                                           22\n\x0c     \xef\x82\xb7   Performing risk-focused reviews of targeted areas, such as PCA, asset and/or\n         liability concentrations, compliance with outstanding guidance, management\xe2\x80\x99s\n         communications, and implementation of new or revised guidance and programs.\n\n     \xef\x82\xb7   Following up on the status of recommendations made during prior regional\n         reviews and other reviews/audits conducted by external and/or internal entities.\n\n     \xef\x82\xb7   Ensuring the region implements strategies to mitigate issues identified during self-\n         assessments and challenges identified in the Regional Director\xe2\x80\x99s Annual\n         Assurance Statements.15\n\nTable 5 shows which regional offices were reviewed during 2007\xe2\x80\x932011.\n\n Table 5: Regional Reviews, 2007-2011*\n     Regional Office              2007           2008            2009           2010             2011\n         Atlanta                    \xe2\x88\x9a                                                              \xe2\x88\x9a\n        Chicago                                    \xe2\x88\x9a\n         Dallas                                                    \xe2\x88\x9a\n       Kansas City                  \xe2\x88\x9a                                                              \xe2\x88\x9a\n       New York                                    \xe2\x88\x9a\n      San Francisco                 \xe2\x88\x9a                                              \xe2\x88\x9a\n  Source: FDIC ICRS.\n * According to ICRS and ICR officials, the number of regional reviews conducted may vary depending on\n available resources.\n\n\nMonitoring of Informal and Formal Actions. The FDIC has a number of automated\nsystems that are used to record, track, and monitor supervisory actions. Those systems\ninclude ViSION, the System of Uniform Reporting of Compliance and Community\nReinvestment Act Examinations (SOURCE), and the Formal and Informal Action\nTracking system. These systems are accessible to FDIC staff in the field, regional, and\nheadquarters offices and can be used to generate routine and customized reports related to\nactions imposed by the FDIC and actions taken by financial institutions in response to\nthose actions. The systems facilitate information-sharing among examination staff and\nmanagement regarding how issues are handled from region to region and, by extension,\nassist in the consistent treatment of institution risks and circumstances.\n\nIn addition, each region has an information group (Regional Office Information\nManagement Group) that collects data and prepares reports, including PCA reports and\nwatch lists for compliance and CRA, for management oversight of the examination\nfunction. These reports are also available to headquarters for cross-region monitoring.\n\n\n\n\n15\n  Annually, each region will satisfy an accountability requirement by submitting a written report that\nprovides reasonable assurance that the region\xe2\x80\x99s system of internal controls is effective.\n\n                                                       23\n\x0cCoordination with External Councils and Working Groups\n\nThe FDIC coordinates with a number of external Councils and working groups that\ninclude the other financial regulatory agencies. Participation with these groups further\npromotes consistency in the Corporation\xe2\x80\x99s examination and supervision of community\nbanks.\n\nMembership and Participation in FFIEC Activities. As stated previously, the FDIC is\na member of the FFIEC, which prescribes uniform principles, standards, and report forms\nfor the examination of financial institutions by federal and state regulatory agencies. The\nFFIEC publishes handbooks, catalogs, and databases that provide uniform guidance and\ninformation to promote a consistent examination process among the agencies. In\naddition, as part of its mandate, the FFIEC provides training for federal and state\nexaminers. The goals of the training program are to (1) promote training efficiency by\nencouraging consistency of examiner education through joint sponsorship of interagency\ntraining; (2) develop, maintain, and deliver timely, cost-effective, and state-of-the-art\ninteragency training; (3) serve as a central point for training opportunities offered by the\nmember agencies; and (4) support the initiatives of the FFIEC and its task forces. The\nFFIEC provides training in such areas as community financial institution lending, asset\nmanagement, commercial real estate, real estate appraisals, financial crimes, and\nBSA/AML.\n\nTo further enhance examination consistency among the FFIEC members, including the\nFDIC, the FFIEC has a number of task forces that assist in achieving its mission. More\nspecifically, there are six task forces to effectively administer the full spectrum of\nprojects in the FFIEC\xe2\x80\x99s functional areas, including, but not limited to, researching future\nenhancements for examiner guidance, examiner training, and reporting. Each task force\nis composed of six senior officials from the five federal regulatory agencies and a\nrepresentative of the SLC. There is a separate task force for each of the following subject\nmatters:\n\n   \xef\x82\xb7   examiner education,\n   \xef\x82\xb7   supervision,\n   \xef\x82\xb7   reports,\n   \xef\x82\xb7   information sharing,\n   \xef\x82\xb7   surveillance systems, and\n   \xef\x82\xb7   consumer compliance.\n\nAppendix 6 provides additional information regarding the FFIEC task forces.\n\nCoordination and Membership in Other Task Forces and Working Groups. In\naddition to the FFIEC, the FDIC coordinates with other agencies to promote consistency\nin its supervision and examination processes. For example:\n\n   \xef\x82\xb7   The FDIC works with the FRB, OCC, and NCUA to address issues and programs\n       that transcend the jurisdiction of each agency, such as the development of\n       regulations.\n\n                                             24\n\x0c     \xef\x82\xb7   The FDIC also works with several inter-agency groups, such as the BSA\n         Advisory Group, the FFIEC BSA/AML Working Group, the National Bank Fraud\n         Working Group, and the Terrorist Finance Working Group, to help combat issues\n         and concerns related to compliance with the BSA, USA PATRIOT Act, and anti-\n         fraud and terrorist finance groups.\n\nCoordination with CSBS and the State Regulatory Agencies. The FDIC works\nclosely with state banking departments, as well as the CSBS, to promote efficiency and\nuniformity in the bank examination process. The FDIC has cooperative agreements with\nmost states to conduct joint or alternating risk management examinations. If a state\nsupervisor responsible for an examination has scheduling, staffing, or other resource\nconstraints that may negatively impact the statutory examination frequency requirement\nfor a financial institution, the FDIC will work with the state supervisor to make sure that\nany delinquent examination is scheduled and completed. When appropriate, the FDIC\nmay conduct the examination instead of the state supervisor.\n\nUnder the FDI Act, the FFIEC is responsible for issuing guidelines and establishing\nstandards for determining the adequacy of state examinations. The FFIEC guidelines for\nrelying on state examinations, issued in June 1995, stipulate that the federal banking\nagencies will \xe2\x80\x9caccept and rely on state examination reports in all cases in which it is\ndetermined that state examinations enable the federal banking agencies to effectively\ncarry out their supervisory responsibilities.\xe2\x80\x9d The FDIC\xe2\x80\x99s acceptance of a state\nexamination report is based on the following criteria:\n\n     \xef\x82\xb7   The completeness of the state examination report.\n\n     \xef\x82\xb7   The adequacy of documentation maintained by state examiners to support\n         observations made in examination reports.\n\n     \xef\x82\xb7   The ability over time of a state banking department to achieve examination\n         objectives and the FDIC\xe2\x80\x99s consideration of the adequacy of state budgeting,\n         examiner staffing and training, and the overall review and follow-up examination\n         process of a state banking department.\n\n     \xef\x82\xb7   Accreditation16 of a state banking department by the CSBS.\n\n     \xef\x82\xb7   The adequacy of any formal or informal arrangement or working agreement\n         between a state banking department and the FDIC.\n\n\n\n16\n  The CSBS Accreditation Program involves a comprehensive review of the critical elements that assure\nthe ability of a state banking department to discharge its responsibilities through an investigation of its\nadministration and finances, personnel policies and practices, training programs, examination policies and\npractices, supervisory procedures, and statutory powers.\n\n                                                     25\n\x0cProtocols for Questioning FDIC Examination Results\nAccording to the FDIC, financial institutions should expect examination findings to be\nfair, fact-based, and consistent with FDIC policies and procedures. Nevertheless,\ninstitutions have multiple avenues available to question examination results when\nagreement between examiners and bankers cannot be reached. These avenues include\ninformal channels for raising examination-related concerns directly with RMS and DCP\nofficials and formal channels for requesting division-level review by RMS, DCP, or\nOCFI and for appealing material supervisory determinations to the SARC. Additionally,\nan ALJ is available to conduct hearings related to formal enforcement actions. Bankers\nmay also contact the FDIC\xe2\x80\x99s Central Call Center, OO, or other offices, as discussed later\nin this report.\n\nBased on our review of the formal processes, the frequency of division-level reviews and\nSARC appeals by FDIC-supervised institutions is low, and it is rare that these reviews\nand appeals result in overturning a material supervisory determination. Additionally, we\nnoted that two-thirds of the reviews and appeals submitted during 2007-2011 exceeded\nself-imposed FDIC timeframes.\n\nThe FDIC informed institutions of the various channels available for resolving\nexamination concerns in FIL-13-2011, Reminder on FDIC Examination Findings, issued\nin March 2011, as follows:\n\n       The FDIC encourages financial institutions to provide feedback on FDIC\n       examinations, Reports of Examination, and other supervisory processes. An open\n       dialog with bank management is critical to ensuring the supervisory process is\n       effective in promoting an institution\xe2\x80\x99s strong financial condition and safe-and-\n       sound operation. If an institution disagrees with examination findings, it should\n       address those concerns through communication with the examiner, field office\n       management, or the appropriate regional office staff. Division-level informal\n       reviews are also available. If informal efforts to resolve disagreements are not\n       successful, an institution may pursue a formal supervisory appeal.\n\nAdditionally, the FIL states:\n\n       Institutions with concerns about examination findings, assigned ratings, or other\n       supervisory determinations reached by the FDIC often find that the most effective\n       method for understanding the FDIC\xe2\x80\x99s conclusions is to discuss the matter with the\n       EIC or contact the appropriate field or regional office. Banks can informally\n       contact FDIC offices by telephone or email, or request a meeting in-person.\n       Institutions also can express concerns as part of their examination response letter\n       or other correspondence. If an institution is unable to resolve its concerns with\n       the regional office or believes that its regional office is not carrying out FDIC\n       policies in the manner intended by the Chairman or Division management, it is\n       encouraged to contact the appropriate Division Director for an informal review.\n\n\n\n                                           26\n\x0cThe FIL provides contact information for the RMS and DCP Division Directors, as well\nas contact information for the FDIC\xe2\x80\x99s OO and the six regional office ombudsmen.\nAccording to RMS regional office management, institutions frequently communicate\nwith examiners and field and regional office officials, resulting in a constructive and\nrobust examination and supervisory process.\n\nInformal Protocols\nInformal discussions generally take place prior to the issuance of a final examination\nreport but may occur at any time. These discussions may involve various levels and\nprocesses within RMS17 and include members of the examination team, field office staff,\nregional office staff, and a Post-Examination Survey.\n\nFDIC examiners engage in ongoing dialogue with bank officials during examinations to\ndiscuss preliminary findings and provide management with an opportunity to respond, so\nthat all perspectives are appropriately considered. At the bank\xe2\x80\x99s discretion, concerns\nabout examination findings can be raised to the field office supervisor or the regional\noffice, including the regional directors and deputy regional directors, as these individuals\nare actively involved in working with institutions as significant matters arise.\n\nThe sections below provide an overview of the opportunities available for bankers to\nraise concerns and facilitate dialogue on potential disagreements during and outside of\nthe examination process.\n\nBefore and During the Onsite Examination\n\nThe Examination Manual identifies ongoing communication between the examination\nstaff and bank management as a critical element of effective bank supervision. During\npre-examination planning, the FDIC notifies bank management of the examination start\ndate for onsite fieldwork and sends an information request to obtain data on the bank\xe2\x80\x99s\nloan portfolio and other activities. The EIC also schedules a pre-examination contact\nwith bank management to identify economic conditions impacting the bank\xe2\x80\x99s financial\ncondition, operational and functional changes, and what senior bank management\nconsiders to be the highest risk areas.\n\nInformal meetings are held as needed throughout the examination to discuss various\ntopics and to gain management\xe2\x80\x99s perspective on local economic conditions and bank-\nspecific issues. The Examination Manual indicates that all major examination issues\nshould be discussed with senior management as soon as practical during an examination.\nThe Examination Manual also instructs examiners to encourage the institution\xe2\x80\x99s board\nmembers to attend any or all meetings conducted during the examination to improve\n\n\n17\n  Since the functions of RMS and DCP were combined in one division until February 2011, we confirmed\nwith DCP management that its compliance/CRA examination processes were consistent with the processes\nfollowed by RMS. At the regional and field office levels, both RMS and DCP staff continue to report to\nthe same regional directors.\n\n\n\n                                                  27\n\x0ccommunication with board members and increase their knowledge of the examination\nprocess.\n\nExit Meeting with Management\n\nThe last step of the onsite phase of the examination is an exit meeting with management.\nAccording to the Examination Manual, examiners should thoroughly discuss their\nfindings and recommendations with senior bank management prior to the conclusion of\nthe examination. Exit meetings should fully apprise bank management of all deficiencies\nand recommendations that will be cited in the examination report. Such meetings are\ncritical in communicating examination findings to the bank and providing management\nan opportunity to respond.\n\nFollowing the Onsite Examination\n\nWhile RMS supervisory review of the draft examination report is in process, there may\nbe further discussions with bank management or the bank\xe2\x80\x99s BOD, especially if the\nexamination findings warrant some level of supervisory or enforcement action. During\nthis time, bank management is welcome to discuss any continuing concerns with field\nand/or regional office management.\n\nMeetings with Directors. Examination results are usually presented at a meeting of the\nbank\xe2\x80\x99s BOD or a BOD committee. According to the Examination Manual, the FDIC\xe2\x80\x99s\npolicies for meetings with BODs are designed to encourage director involvement in, and\nenhance director awareness of, FDIC supervisory efforts and to increase the effectiveness\nof such efforts.\n\nAfter issuance of the final examination report, each BOD member is expected to read the\nreport in its entirety and sign a signature page in the report, acknowledging that they have\npersonally reviewed the contents of the report. The BOD review should be recorded in\nthe board minutes, and the signed report should be maintained in the bank\xe2\x80\x99s records. All\nreport contents and ratings are confidential.\n\nPost-Examination Survey. To assist RMS and DCP in improving the quality and\nefficiency of their examination processes, the FDIC asks each institution at the end of an\nexamination to complete a Post-Examination Survey. This survey allows the bank to\nprovide feedback on the examination process. The survey is Web-based, and an access\ncode is provided with the final examination report. The individual results of the survey\nare confidential. The FDIC\xe2\x80\x99s DIR prepares a report providing the aggregated responses\nreceived each calendar quarter.\n\nThe survey covers five general areas:\n\n   \xef\x82\xb7   pre-examination process results and timeframes;\n   \xef\x82\xb7   examiners\xe2\x80\x99 communications, expertise, and responsiveness;\n   \xef\x82\xb7   examination process results and timeframes;\n   \xef\x82\xb7   examination report clarity, accuracy, and usefulness; and\n\n\n                                            28\n\x0c     \xef\x82\xb7   overall benefits and fairness of the examination.\n\nIn addition, an FDIC headquarters official will contact the banker if requested on the\nsurvey form. In 2011, 22 bankers requested a contact, but RMS and DCP officials\nindicated that no issues were raised of a material concern.\n\nDIR\xe2\x80\x99s desired response rate for the Post-Examination Survey is 70 percent. However, for\nthe period covered by our audit, the highest response rate was 45 percent for the third\nquarter of 2007 and the lowest response rate was 28 percent for the third quarter of 2010.\nEach RMS regional office receives the quarterly aggregate results and is expected to take\naction to address any issues that arise from the survey.\n\nFormal Protocols for Appealing Material Supervisory\nDeterminations\nAfter issuance of the final examination report, institutions can pursue their concerns\nthrough the formal review and appeals processes. Section 309(a) of the Riegle\nCommunity Development and Regulatory Improvement Act of 1994 (Riegle Act)\nrequired the FDIC and the other federal banking agencies to:\n\n     \xef\x82\xb7   establish an independent intra-agency appellate process to review material\n         supervisory determinations,\n\n     \xef\x82\xb7   ensure that an appeal of a material supervisory determination by an insured\n         depository institution is heard and decided expeditiously, and\n\n     \xef\x82\xb7   ensure that appropriate safeguards exist for protecting appellants from retaliation\n         by agency examiners.\n\nThe Riegle Act defines the term \xe2\x80\x9cindependent appellate process\xe2\x80\x9d as a review by an\nagency official who does not directly or indirectly report to the agency official who made\nthe material supervisory determination under review. The FDIC adopted its original\nGuidelines for Appeals of Material Supervisory Determinations18 (Guidelines for\nAppeals) in 1995 to establish operational procedures for a division-level review process\nand an independent SARC appeals process.\n\nDefinition of Material Supervisory Determinations\n\nThe term \xe2\x80\x9cmaterial supervisory determinations\xe2\x80\x9d was defined in the Riegle Act to include\ndeterminations relating to:\n\n     \xef\x82\xb7   examination ratings,\n     \xef\x82\xb7   the adequacy of loan loss reserve provisions, and\n\n18\n For additional information regarding the FDIC\xe2\x80\x99s Guidelines for Appeals of Material Supervisory\nDeterminations refer to http://www.fdic.gov/regulations/laws/sarc/. This link also includes information on\nSARC decisions.\n\n                                                    29\n\x0c   \xef\x82\xb7   classifications on loans that are significant to an institution.\n\nThe Riegle Act specifically excluded from the definition any decisions to:\n\n   \xef\x82\xb7   appoint a conservator or receiver for an insured depository institution, or\n   \xef\x82\xb7   take PCA pursuant to section 38 of the FDI Act.\n\nFinally, the Riegle Act expressly provided that the requirement to establish an appeals\nprocess should not affect the authority of the agencies to take enforcement or supervisory\nactions against an institution. The Financial Institutions Reform, Recovery, and\nEnforcement Act of 1989 (FIRREA) had previously established a separate process for the\nlegal review of administrative enforcement proceedings (see the section entitled,\nAdministrative Law Judge Process, later in this report).\n\nIn March 1995, the FDIC\xe2\x80\x99s BOD adopted the Guidelines for Appeals. In addition to the\nstatutory exclusions noted above, the Guidelines for Appeals excluded from the definition\nof material supervisory determinations:\n\n   \xef\x82\xb7   determinations for which other appeals procedures exist (such as determinations\n       relating to deposit insurance assessment risk classifications),\n   \xef\x82\xb7   decisions to initiate formal enforcement actions under section 8 of the FDI Act,\n   \xef\x82\xb7   decisions to initiate informal corrective actions (such as BBRs or MOUs),\n   \xef\x82\xb7   determinations relating to a violation of a statute or regulation, and\n   \xef\x82\xb7   any other determinations not specified in the Riegle Act as being eligible for\n       appeal.\n\nThe Guidelines for Appeals were modified in later years as follows:\n\n   \xef\x82\xb7   in 2004, to change the composition and procedures of the SARC;\n   \xef\x82\xb7   in 2008, to eliminate appeals of the determinations underlying enforcement\n       actions;\n   \xef\x82\xb7   in 2010, to extend the deadlines for divisions to respond to requests for review\n       and the time available to the SARC for reviewing and notifying the institution in\n       writing of its decision; and\n   \xef\x82\xb7   in 2012, to reflect various legislative and organizational changes.\n\nThe FDIC distributed the revised Guidelines for Appeals to all FDIC-supervised financial\ninstitutions through FILs.\n\nRequests for Review\n\nAmong other changes, the Guidelines for Appeals were revised in 2012 to reflect FDIC\norganizational changes that became effective in February 2011, recognizing that matters\nsubject to appeal could pertain to RMS, DCP, or OCFI. FDIC-supervised institutions\nmust request a review of material supervisory determinations through RMS, DCP, or\nOCFI before an appeal is made to the SARC.\n\n\n                                              30\n\x0cUnder the Guidelines for Appeals, an institution may file a request for review of a\nmaterial supervisory determination with the division or office that made the\ndetermination within 60 calendar days following the institution\xe2\x80\x99s receipt of an\nexamination report containing a material supervisory determination or other written\ncommunication of a material supervisory determination. Institutions are encouraged to\nattempt to resolve the dispute with the FDIC examiner or applicable regional/area office\nbefore filing a request for review with the appropriate director.\n\nA request for review must be in writing and include:\n\n     \xef\x82\xb7    a detailed description of the issues in dispute,\n     \xef\x82\xb7    how resolution of the dispute would materially affect the institution,\n     \xef\x82\xb7    whether a good-faith effort was made to resolve the dispute with the onsite\n          examiner and the regional office, and\n     \xef\x82\xb7    a statement that the institution\xe2\x80\x99s BOD has considered the merits of the request and\n          has authorized that it be filed.\n\nThe Guidelines for Appeals call for the division or office director to issue a written\ndetermination on the request for review, setting forth the grounds for that determination,\nwithin 45 days of receipt of the request.19 No appeal to the SARC is allowed unless an\ninstitution has first filed a timely request for review with the appropriate division or\noffice director.\n\nFrequency and Results of Requests for Review. For the 5-year period ended\nDecember 31, 2011, FDIC-supervised institutions submitted 41 requests for review of\nmaterial supervisory determinations. Of that total, 23 requests were related to risk\nmanagement examinations and 18 were related to compliance/CRA examinations.\nTable 6 shows the frequency of these requests from 2007 to 2011.\n\n Table 6: Frequency and Types of Requests for Review, 2007-2011\n     Year        Risk Management               Compliance/CRA                       Totals\n      2007                  1                           7                               8\n      2008                  4                           3                               7\n      2009                  3                           2                               5\n      2010                  7                           4                              11\n      2011                  8                           2                              10\n     Totals                23                           18                             41\n Source: RMS Risk Management Examinations Branch. RMS provided information on all division-\n level appeals submitted by FDIC-supervised institutions during 2007-2011, including any that would\n have been applicable to DCP or OCFI in 2011.\n\n\n\n\n19\n  In April 2010, the timeframe for the appropriate director to issue a decision following a filing of a request\nfor review was extended from 30 days to 45 days. There are no specific timeframes established by law.\n\n                                                      31\n\x0cOf the 41 requests, 28 were completed as follows: 24 were denied, 3 risk management\nrequests were partially sustained, and 1 compliance/CRA request was sustained. The\nremaining 13 requests were not completed for the following reasons:\n\n   \xef\x82\xb7   8 requests were found to be not appealable under the Guidelines for Appeals,\n   \xef\x82\xb7   4 requests were withdrawn by the institution, and\n   \xef\x82\xb7   1 institution was closed.\n\nAccording to FDIC officials, most requests are denied because the applicable division\ndirector usually finds that the material supervisory determinations were consistent with\nFDIC policy.\n\nAdditionally, regarding the timeframes for processing the 28 completed requests, 20 of\nthese requests were processed under the original 30-day timeframe, and 8 of these\nrequests were processed under the revised 45-day timeframe established in April 2010.\nOf the 20 requests processed under the original timeframe, 18 requests exceeded the\ntimeframe, of which 12 exceeded the timeframe by up to 61 days and 6 exceeded the\ntimeframe by 90 to 383 days. Of the 8 requests processed under the revised timeframe,\n1 request exceeded the timeframe by 4 days.\n\nAppeals to the Supervision Appeals Review Committee\n\nWithin the FDIC, the SARC provides the independent intra-agency appellate process for\nreviewing material supervisory determinations, as required by the Riegle Act. SARC\nmembership consists of three voting members:\n\n   \xef\x82\xb7   one inside FDIC Board member, designated by the FDIC Chairperson, who serves\n       as the Chairperson of the SARC; and\n\n   \xef\x82\xb7   one deputy or special assistant to each of the inside FDIC Board members who\n       are not designated as the SARC Chairperson.\n\nThe FDIC General Counsel is a non-voting member of the SARC. If there are vacancies,\nthe FDIC Chairperson may designate alternate members, provided that they were not\ninvolved in making or affirming the material supervisory determination under review.\n\nAn institution that does not agree with the written determination rendered by the division\nor office director must appeal that determination to the SARC within 30 calendar days\nfrom the date of that determination. An appeal may be dismissed by the SARC if it is not\nfiled in a timely manner, if the basis for the appeal is not discernable from the appeal, or\nif the institution moves to withdraw the appeal.\n\nFrom 2004 to 2010, the Guidelines for Appeals required the SARC to review an appeal\nand notify the institution in writing of its decision \xe2\x80\x9cwithin 60 days from the date the\nappeal is filed, or within 60 days from oral presentation, if held.\xe2\x80\x9d In April 2010, the\nguidelines were changed to require that a SARC meeting be held within 90 days from the\n\n\n                                             32\n\x0cdate of the filing of the appeal, and for the SARC to issue a written decision within\n45 days from the date the SARC meets to consider the appeal.\n\nFrequency and Results of SARC-Level Appeals. Of the 41 division-level requests for\nreview of material supervisory determinations submitted by FDIC-supervised institutions\nduring the 5-year period covered by this audit, 23 were further appealed to the SARC. Of\nthese 23 SARC appeals, 9 were related to risk management examinations and 14 were\nrelated to compliance/CRA examinations. Table 7 shows the frequency and types of\nSARC appeals from 2007 to 2011.\n\n Table 7: Frequency and Types of SARC-Level Appeals, 2007-2011\n   Year         Risk Management           Compliance/CRA      Totals\n   2007                1                         4               5\n   2008                0                         2               2\n   2009                2                         3               5\n   2010                4                         3               7\n   2011                2                         2               4\n  Totals               9                        14              23\n Source: FDIC Legal Division, Executive Secretary Section.\n\n\nOf the 23 appeals, 11 were completed as follows: 4 risk management appeals and 6\ncompliance/CRA appeals were denied and 1 compliance/CRA appeal was partially\nsustained. The remaining 12 appeals were not completed for the following reasons:\n\n    \xef\x82\xb7   9 appeals were found to be not appealable under the Guidelines for Appeals,\n    \xef\x82\xb7   2 institutions were closed, and\n    \xef\x82\xb7   1 institution withdrew its appeal.\n\nIn reviewing the SARC determinations for appeals that were denied, we noted that the\nappeals related to risk management examinations were generally denied because the\nSARC found that component and composite ratings were fully supported, loan\nclassification decisions were well-founded, growth limitations were properly imposed,\nand interest rate restrictions were correct. With respect to compliance/CRA\nexaminations, the SARC found that compliance ratings were well-founded and consistent\nwith regulatory requirements, there was a reasonable basis for citing violations, and the\nbank\xe2\x80\x99s CRA performance was appropriately evaluated. These determinations provide\nevidence that the SARC is considering the underlying merits of both the institution and\nthe examiners\xe2\x80\x99 positions and, as such, is considering the substance of the disagreement\nand not simply whether or not the examiners followed established policy.\n\nRegarding the timeframes for processing the 11 completed SARC appeals, 8 appeals\nwere filed before the April 2010 timeframe revisions and 3 appeals were filed\nafterwards. Of the 8 appeals, 7 exceeded the 60-day decisional deadline after the oral\nhearing, with 3 appeals exceeding the deadline by 2 to 37 days and 4 appeals exceeding\nthe deadline by 71 to 128 days. The 3 appeals filed after the April 2010 timeframe\nrevisions were all completed by the SARC within the 135-day combined timeframe\nallowed by the April 2010 revisions.\n\n\n                                                   33\n\x0cRegarding the requests for review and SARC appeals that exceeded the applicable\ntimeframes in 2007-2009, RMS officials stated that these instances were largely due to\nthe workload associated with the financial crisis and related CAMELS rating changes.\nSince the timeframe changes were implemented in April 2010, the FDIC has\nsatisfactorily met the new timeframes with one minor exception and no further\nadjustments to the timeframes are expected.\n\nOther Avenues for Questioning Examination Results\nIn addition to the informal and formal appeals processes, FDIC-supervised institutions\nhave other avenues for questioning examination results, including the ALJ, the OO, and\nother components of the FDIC.\n\nAdministrative Law Judge Process\n\nFIRREA directed the federal banking agencies to \xe2\x80\x9cestablish their own pool of\nadministrative law judges\xe2\x80\x9d to conduct hearings related to formal enforcement actions. In\n1991, OFIA was created as the executive body responsible for processing administrative\nenforcement proceedings brought by the FDIC, OCC, FRB, or NCUA.20 After an agency\ninitiates a public administrative proceeding, it refers the case to OFIA. The OFIA ALJ\nthen conducts public hearings at locations throughout the United States in a manner\nsimilar to non-jury trials in the federal district courts. The ALJ prepares a recommended\ndecision to the Board or Comptroller of the appropriate federal banking agency, with\nfactual findings and legal conclusions that are matters of public record. The parties may\nfile exceptions to the recommended decision with the Board or Comptroller of the\nappropriate federal banking agency, which can affirm, reverse, modify, set aside, or\nremand the matter for further proceedings. Any appeals of a final federal banking agency\naction are made to a United States Circuit Court of Appeals.\n\nTable 8 shows the number and status of FDIC enforcement action cases that were\nreferred to OFIA in 2007-2011.\n\n\n\n\n20\n  OFIA also adjudicated cases brought by the Office of Thrift Supervision before it was abolished in July\n2011.\n\n                                                    34\n\x0c Table 8: FDIC Enforcement Action Cases Referred to OFIA, 2007-2011\n                      Status                             2007     2008    2009    2010    2011\n Settled Before Hearing                                             1      11      10      11\n Pending Hearing                                                                            4\n Hearing Held:\n  - Upheld FDIC Decision on the Merits                     1        1        1\n  - Defaulted to FDIC Decision                                      1                1\n    (respondent did not appear)\n  - Terminated by ALJ*                                                               1*\n  - Decision Pending                                                                 1      2\n Total Cases                                               1        3      12       13     17\n Source: FDIC Legal Division, Supervision Branch.\n * ALJs may terminate cases involving CMPs in which the respondent fails to respond, as\n happened in this case. As a result, the FDIC proceeded with the CMP.\n\nAs indicated in Table 8, most FDIC enforcement action cases referred to OFIA were\nsettled with the institution before a hearing took place, while cases with ALJ hearings\nhave generally been resolved in the FDIC\xe2\x80\x99s favor. There are also three cases from 2010-\n2011 for which the ALJ\xe2\x80\x99s decision is pending.\n\nOffice of the Ombudsman\n\nWithin the FDIC, the OO serves as an independent, neutral, and confidential resource and\nliaison for the banking industry and the general public. However, the OO is not an\nappeals function. The OO is organizationally separate from other FDIC divisions and\noffices, enabling the Office to operate free from the influence, control, or guidance of the\nFDIC program areas.\n\nThe OO instructs its staff to respond to inquiries about the FDIC in a fair, impartial, and\ntimely manner. The office researches questions and considers complaints from bankers\nand bank customers. Contact with the OO does not prevent an inquirer from pursuing\nformal resolution channels within the FDIC, nor does it constitute initiation of a formal\ncomplaint, grievance, or appeal process, or forestall the time limits for pursuing formal\nresolutions that are established within those formal processes.\n\nThe OO serves as a neutral advocate for fair processes. In that role, OO staff assists in\nidentifying options to resolve disputes, but does not take sides with respect to the\noutcome. The office\xe2\x80\x99s ability to compile information, negotiate effective resolutions, and\nprovide options is dependent upon its status as a neutral and independent entity.\n\nThe OO also has regional ombudsmen in place in all six FDIC regional offices. The\nregional office ombudsmen are responsible for an outreach program that seeks to make\ncontact with all FDIC-supervised institutions. Table 9 presents the frequency with which\nbankers expressed concerns about various types of FDIC examinations during outreach\nmeetings in 2007-2011.\n\n\n\n\n                                                   35\n\x0c Table 9: Examination Concerns Noted During Outreach Meetings, 2007-2011\n                Area of Concern                   2007   2008   2009   2010     2011\n Risk Management                                    36    48     21     30       71\n Compliance                                          3     2      2     10       17\n Community Reinvestment Act                          3     1      0       0        3\n Specialty Examinations                             10     1      0       2        1\n General Examination Process                       145    86     30     48        67\n  Total Instances                                  197   138     53      90     159\n Source: FDIC OO.\n\n\nIn addition, OO representatives are present at all bank closings to provide accurate\ninformation to bank customers, the media, bank employees, and the general public.\n\nThe OO prepares a quarterly report for the FDIC\xe2\x80\x99s divisions and offices summarizing\ntopics and issues raised through the OO\xe2\x80\x99s various outreach activities and contacts from\nthe public and banking industry. The OO\xe2\x80\x99s fourth quarter 2011 report indicated that\ncommon concerns or complaints from bankers included:\n\n   \xef\x82\xb7   frustration regarding the focus of examinations,\n   \xef\x82\xb7   varying interpretations of regulations by examiners, and\n   \xef\x82\xb7   apprehension about consumer regulations resulting from the Dodd-Frank Act.\n\nMany of the OO\xe2\x80\x99s contacts originate from its toll-free number. In addition, the OO\nreceives some calls through the FDIC Central Call Center in Arlington, Virginia. The\nCall Center is one of many FDIC resources available to the banking community for\ngeneral questions. Other resources include field supervisors and examiners, RMS case\nmanagers and DCP review examiners, and other supervisory personnel at the regional or\nheadquarters offices. Based on the information it receives from various sources, the OO\nmay suggest ways to improve FDIC operations, regulations, and customer service;\nhowever, because of its confidentiality mandate, the OO is unable to provide specific\ninformation regarding which banks have expressed concerns.\n\nTable 10 summarizes the frequency of contacts and several of the major issue areas noted\nby OO staff for the period 2007-2011.\n\n\n\n\n                                            36\n\x0c Table 10: Summary of OO Contacts by Major Issue Areas, 2007-2011\n             Issue Area                2007         2008        2009        2010        2011\n Bank Examinations\n  - Risk Management/Specialty                 22           17          24          27          28\n  - Compliance/CRA                             8            8           7          22          19\n  - General Examination Process               21           12          11           4           9\n Working Relationships and                     5            8           8          21          22\n  Communication\n Material Supervisory                          4            5           4           5           3\n  Determinations\n Appraisals                                20           16           4           7           21\n Other Regulatory Matters                 506          412         187         289          274\n  Total for Issue Areas Above             586          478         245         375          376\n  Other Contacts                          317          414         362         513          453\n  Total Contacts                          903          892         607         888          829\n Source: FDIC OO and the Ombudsman Automated Tracking System (OATS).\n\n\nOther Points of Contact\n\nThe FDIC Office of Legislative Affairs (OLA) receives inquiries and requests from the\nCongress related to community banks, including requests forwarded from banks or bank\nassociations. OLA works with appropriate division and office personnel to respond fully\nand promptly to these inquiries and requests. Additionally, bankers may sometimes\ndirectly contact the RMS or DCP Directors or the Office of the Chairman to discuss\nvarious issues and concerns.\n\n\nFDIC Initiatives Related to Community Banks\nWhile not directly related to our audit objectives, we considered it important to discuss\nvarious initiatives undertaken by the FDIC to further its dialogue and efforts to better\nunderstand the challenges and opportunities facing community banks. Recognizing that\ncommunity banks play a crucial role in the nation\xe2\x80\x99s financial system and economy, the\nFDIC Acting Chairman views the FDIC as having a responsibility to use its resources to\ngain a better understanding of the challenges facing community banks and to share that\nunderstanding with the banks as well as the general public.\n\nFDIC Advisory Committee on Community Banking\nIn May 2009, the FDIC BOD approved the establishment of the FDIC Advisory\nCommittee on Community Banking, which provides the FDIC with advice and\nrecommendations on a broad range of policy issues impacting small community banks\nthroughout the country. The Committee reviews various matters that include the latest\nexamination policies and procedures, lending practices, and regulatory compliance issues,\nas well as any obstacles to the continued growth and ability of community banks to\nextend financial services in their local markets in the current environment.\n\n\n\n                                               37\n\x0cThe majority of the members of the Committee represent community banks of various\nsizes and charter types, including a cross-section of institutions from different regions of\nthe country. Other members of the Committee may include representatives of the public\nsector, small businesses, non-for-profit community organizations, or other entities that\nrely on community banks to provide credit and other banking services in their\ncommunities, as well as one or more representatives from academic institutions.\n\nOther Initiatives\nThe Acting Chairman has taken additional steps to ensure that the FDIC and others\nsignificant to the financial industry identify and discuss important community\nbanking-related issues and take action to address those issues. These steps include:\n\n   \xef\x82\xb7   dialogues with community bankers and the stakeholders of community banks,\n   \xef\x82\xb7   a Future of Community Banking conference held at the FDIC in early 2012,\n   \xef\x82\xb7   research projects focused on community banks and their local economies,\n   \xef\x82\xb7   streamlined supervision and rulemaking processes, and\n   \xef\x82\xb7   the collection of information regarding the obstacles that financial institutions\n       face in making loans available to creditworthy borrowers.\n\nIn consideration of recent and forthcoming regulatory changes, the FDIC is also\ndeveloping guidance for its examiners that considers the needs of community banks to\nhelp them understand and appropriately implement new and revised rules and regulations.\n\nTo reinforce the importance of these community banking initiatives, the 2012 FDIC\nPerformance Goals include a specific goal to \xe2\x80\x9cDeepen the FDIC\xe2\x80\x99s Understanding of the\nFuture of Community Banking.\xe2\x80\x9d As a performance goal, the results of the FDIC\xe2\x80\x99s\ncommunity banking initiatives will be measured and tracked to assess the Corporation\xe2\x80\x99s\naccomplishments.\n\n\nCorporation Comments and OIG Evaluation\nSubsequent to the issuance of our draft report, FDIC officials provided additional\ninformation for our consideration, and we revised our report to reflect this information, as\nappropriate. On August 29, 2012, the RMS Director provided a written response to a\ndraft of this report on behalf of the Corporation. That response is provided in its entirety\nin Appendix 9.\n\nIn the response, the RMS Director noted the thoroughness of the draft report and\nconcurred with our observations about increased examination cycle and report processing\ntimeframes. The Director also acknowledged the information in the report regarding\nquality control practices that promote consistency in the examination process and\nencourage examiners and bankers to informally resolve disputes during examinations.\nConcerning our observations on the formal dispute resolution process, the Director\nconfirmed that changes to the decisional deadlines have enabled formal reviews and\nappeals to be processed within applicable timeframes.\n\n                                             38\n\x0c                                                                             Appendix 1\n\n              Objectives, Scope, and Methodology\nObjectives\n\nOur audit objectives were to report on:\n\n     \xef\x82\xb7     the FDIC\xe2\x80\x99s examination process for small community banks, including\n           examination timelines and how the FDIC ensures consistency in the\n           administration of examinations across the country; and\n\n     \xef\x82\xb7     the ability of FDIC-supervised institutions to question examination results,\n           such as through the OO, the appeals process, or informal channels, and the\n           frequency and success of such appeals.\n\nWe conducted this performance audit from March 2012 to August 2012 in accordance\nwith generally accepted government auditing standards. Those standards require that we\nplan and perform the audit to obtain sufficient, appropriate evidence to provide a\nreasonable basis for our findings and conclusions based on our audit objectives.\nConsistent with our audit objectives, we did not conduct tests to conclude on (1) the\nadequacy or effectiveness of the FDIC\xe2\x80\x99s examination or appeals processes, (2) actions\ntaken by the FDIC to address any prior self-identified deficiencies in its examination and\nappeals processes, or (3) matters included in prior audit reports. Although our audit\nobjectives did not require us to develop findings and conclusions, we believe that the\nevidence obtained provides a reasonable basis for our observations in this report.\n\nScope and Methodology\n\nThe scope of our review, 2007-2011, was selected to take into account examination\ntimeframes and appeals processes both before and during the financial crisis. Our\nmethodology included data-gathering techniques to obtain an understanding of the\nFDIC\xe2\x80\x99s overall examination and supervision activities and the ability of FDIC-supervised\nfinancial institutions to question examination results.\n\nTo achieve the objectives, we performed the following procedures and techniques:\n\n     \xef\x82\xb7     Interviewed and obtained specific statistical information from RMS, DCP,\n           Legal Division, and OO headquarters officials.\n\n     \xef\x82\xb7     Interviewed RMS officials in the Atlanta, Chicago, and Dallas Regional\n           Offices, and the OFIA ALJ.\n\n     \xef\x82\xb7     Interviewed a Legal Division official from the Atlanta Regional Office.\n\n\n\n\n                                            39\n\x0c                                                                             Appendix 1\n\n             Objectives, Scope, and Methodology\nIn addition, we reviewed:\n\n     \xef\x82\xb7     examination manuals such as the Risk Management Manual of Examination\n           Policies, Compliance Examination Manual, Case Manager Procedures\n           Manual, and Formal and Informal Action Procedures Manual;\n\n     \xef\x82\xb7     information regarding the benchmarks and actual hours spent on examinations\n           and the average turnaround days for RMS and DCP examinations, including\n           the number of days spent onsite, for report processing, and the total\n           examination cycle (i.e., combined onsite and report processing time);\n\n     \xef\x82\xb7     information from the FDIC\xe2\x80\x99s Web site related to controls that the Corporation\n           has implemented to address examination and supervision consistency,\n           including applicable laws and rules and regulations, policies, procedures,\n           examiner and financial institution guidance, examiner training activities,\n           supervisory review, supervisory and enforcement actions, and quality\n           assurance activities;\n\n     \xef\x82\xb7     information related to the FDIC\xe2\x80\x99s policies, procedures, and processes for\n           financial institutions to informally and formally question examination results;\n\n     \xef\x82\xb7     FDIC participation in, and coordination with, external councils, including the\n           FFIEC and other working groups;\n\n     \xef\x82\xb7     statistical data on the number, days, and resolution of appeals filed by FDIC-\n           supervised financial institutions;\n\n     \xef\x82\xb7     numerical data on the number of contacts with bankers and the public handled\n           by the OO; and\n\n     \xef\x82\xb7     information on the FDIC\xe2\x80\x99s initiatives related to community banks.\n\n\nInternal Control, Reliance on Computer-processed Information,\nPerformance Measurement, and Compliance with Laws and Regulations\n\nWe gathered information regarding the FDIC\xe2\x80\x99s internal control framework for risk\nmanagement and compliance/CRA examinations. However, consistent with the stated\naudit objectives, we did not assess the FDIC\xe2\x80\x99s overall internal control or management\ncontrol structure. We obtained data maintained by the RMS Business Analysis and\nDecision Support Section on examination timeframes, which was largely drawn from\n\n\n\n\n                                            40\n\x0c                                                                                         Appendix 1\n\n                Objectives, Scope, and Methodology\nViSION,21 and we also obtained data maintained by the OO in OATS on contacts with\nbankers and the public. However, we did not assess the effectiveness of information\nsystem controls as this was not part of our audit objectives. We also obtained informal\ndata maintained by RMS and the Legal Division pertaining to appeals and ALJ cases, and\nwe verified the data against the available hardcopy files provided to us on appeals.\n\nThe Government Performance and Results Act of 1993 (the Results Act) directs\nExecutive Branch agencies to develop a customer-focused strategic plan, align agency\nprograms and activities with concrete missions and goals, and prepare and report on\nannual performance plans. For this audit, we reviewed the FDIC Strategic Plan 2008-\n2013, 2011 Annual Performance Plan, and 2012 Annual Performance Plan. We also\nreviewed RMS\xe2\x80\x99s 2010 Performance Results. We did not assess the strengths and\nweaknesses of the FDIC\xe2\x80\x99s strategic and annual plans or the Corporation\xe2\x80\x99s mission and\ngoals in meeting the requirements of the Results Act because such an assessment was not\npart of the audit objectives.\n\nRegarding compliance with laws and regulations, we did not perform tests to determine\nwhether the FDIC had complied with provisions of the FDI Act, the Riegle Act, the\nDodd-Frank Act, or the FDIC Rules and Regulations as such an assessment was not\nnecessary to achieve the audit objectives. Additionally, we did not specifically assess the\nrisk of fraud and abuse related to our objectives. However, during the audit, we were\nalert to the possibility of fraud and illegal acts, and no instances came to our attention.\n\n\n\n\n21\n  See the FDIC OIG\xe2\x80\x99s audit report, Reliability of Supervisory Information Accessed Through the Virtual\nSupervisory Information on the Net (ViSION) System (AUD-08-019, dated September 25, 2008), for\nrecommendations made to enhance the accuracy of data in ViSION.\n\n\n                                                   41\n\x0c                                                                                             Appendix 2\n\n                  The FDIC\xe2\x80\x99s Examination Processes\nRisk Management Examination Process\n\nRMS conducts risk management examinations to ensure that the institutions it supervises\nare operating in a safe and sound manner and are complying with banking laws and\nregulations in the provision of financial services.22 Section 10(d) of the Federal Deposit\nInsurance Act (the FDI Act) requires periodic, full-scope, onsite examinations of each\ninsured depository institution. These examinations serve to evaluate an institution\xe2\x80\x99s\noverall risk exposure and its ability to identify and manage those risks.23\n\nOn October 1, 1997, the FDIC, in conjunction with the FRB and Conference of State\nBank Supervisors, began implementing a risk-focused examination process designed to\nfocus their examinations on bank functions that posed the greatest risk exposure. The\nrisk-focused examination process attempts to assess an institution\xe2\x80\x99s risk by evaluating its\nprocesses to identify, measure, monitor, and control risk. If management controls are\nproperly designed and effectively applied, they should help ensure that satisfactory\nperformance is achieved. In a rapidly changing environment, a bank\xe2\x80\x99s condition at any\ngiven point in time may not be indicative of its future performance. The risk-focused\nexamination process seeks to strike an appropriate balance between evaluating the\ncondition of an institution at a certain point in time and evaluating the soundness of the\ninstitution\xe2\x80\x99s processes for managing risk.\n\nThe examination process can be separated into three distinct phases: pre-examination\nplanning, onsite fieldwork, and development and review of the examination report. A\nbrief description of these phases follows.24\n\nPre-Examination Planning. According to the FDIC\xe2\x80\x99s Examination Manual, thorough\npre-examination planning is critical to the efficient completion of an examination. Pre-\nexamination planning helps support decisions on the work to be performed and areas to\nreceive special attention. Such planning also helps determine staffing needs regarding\nthe size and expertise of the examination team. To guide its examiners in conducting pre-\nexamination planning, the FDIC has an ED Module entitled, Risk Scoping Activities,\nwhich was developed in conjunction with the FRB and state banking departments. This\nED Module identifies several activities to be completed during pre-examination planning,\nincluding:\n\n     \xef\x82\xb7   reviewing various information sources to identify the significant and higher-risk\n         activities of the bank;\n\n\n22\n   The FDIC may also conduct examinations of state member banks and federally-chartered banks and\nthrifts, when needed for insurance purposes.\n23\n   As noted in the body of the report, examiners also rely on off-site monitoring to identify emerging risks\nand establish supervisory strategies to mitigate them.\n24\n   Refer to http://www.fdic.gov/regulations/examinations/index.html to learn more about how the FDIC\nexamines financial institutions.\n\n\n                                                     42\n\x0c                                                                              Appendix 2\n\n               The FDIC\xe2\x80\x99s Examination Processes\n   \xef\x82\xb7   scheduling a pre-examination contact with bank management to discuss economic\n       conditions, operational changes, and the highest-risk areas;\n\n   \xef\x82\xb7   reviewing the findings of internal and external auditors;\n\n   \xef\x82\xb7   determining the perceived control risks within the bank based on specific internal\n       control weaknesses identified by audits, the prior examination, or other control\n       procedures; and\n\n   \xef\x82\xb7   reviewing information regarding consumer complaints or problems and\n       determining the potential for safety and soundness concerns.\n\nPre-examination planning culminates in the preparation of a scope memorandum, also\ncalled a pre-examination planning memo. According to the ED Module, the scope\nmemorandum should be tailored to the size and complexity of the bank and define the\nobjectives of the examination.\n\nOnsite Fieldwork. Under the risk-focused examination process, FDIC examiners focus\nless on specific transactions and more on an institution\xe2\x80\x99s control processes. Specifically,\nthis examination approach includes:\n\n   \xef\x82\xb7   more focus on BOD and management oversight;\n\n   \xef\x82\xb7   less transaction testing, with a focus on areas identified during pre-examination\n       planning as having the most risk;\n\n   \xef\x82\xb7   a reduced percentage of loans and files reviewed; and\n\n   \xef\x82\xb7   fewer procedures, such as balancing accounts.\n\nThe start of onsite fieldwork is tracked as the Examination Start Date. This date indicates\nwhen the examination commenced, which is the date the examination team begins its\nformal onsite examination of the institution. The Examination Start Date is used to\nmonitor report completion timeframes and compliance with examination frequency\nrequirements.\n\nDevelopment and Review of the Examination Report. The onsite phase of the\nexamination typically concludes with an exit meeting with management and the\nexamination team\xe2\x80\x99s completion of the draft examination report. This date is tracked as\nthe Date Examination Completed, which is the date on which the EIC submits the draft\nreport for RMS supervisory review. The Date Examination Completed is used to monitor\nreport processing timeframes.\n\n\n\n\n                                            43\n\x0c                                                                                Appendix 2\n\n                The FDIC\xe2\x80\x99s Examination Processes\nDepending on the asset size of the bank and its overall CAMELS rating, the draft report\nwill be reviewed by RMS senior officials at the field office and/or regional office before\nit is issued to the institution as a final report. The final report issuance date is tracked as\nDate Mailed, which is when the report is mailed to the bank along with a transmittal letter\nand post-examination survey.\n\nCompliance Examination Process\n\nDCP conducts compliance examinations to:\n\n   \xef\x82\xb7   assess the quality of an FDIC-supervised institution\xe2\x80\x99s compliance management\n       system for implementing federal consumer protection statutes and regulations;\n\n   \xef\x82\xb7   review compliance with relevant laws and regulations; and\n\n   \xef\x82\xb7   initiate supervisory action when elements of an institution\xe2\x80\x99s compliance\n       management system are deficient or when significant violations of law are found.\n\nInstitutions supervised by the FDIC are examined at intervals established by policy\napproved by the FDIC\xe2\x80\x99s Board of Directors. Depending on a combination of their\ncompliance and CRA ratings, DCP conducts compliance examinations of these\ninstitutions in cycles ranging from 12 to 36 months. However, as mandated by the\nGramm-Leach-Bliley Act of 1999, CRA performance evaluations for institutions with\ntotal assets of $250 million or less can be conducted no more often than every 5 years for\ninstitutions rated \xe2\x80\x9cOutstanding\xe2\x80\x9d and no more often than every 4 years for institutions\nrated \xe2\x80\x9cSatisfactory.\xe2\x80\x9d As a result, CRA performance evaluations for these smaller\ninstitutions are usually paired with alternating compliance examinations, while CRA\nperformance evaluations for all other institutions are usually conducted concurrently with\neach compliance examination. Also, the rating systems for compliance and CRA\nexaminations differ, as follows:\n\n   \xef\x82\xb7   compliance examinations provide a rating from 1 to 5, with 1 indicating a strong\n       compliance position and 5 indicating an institution in need of the strongest\n       supervisory attention; while\n\n   \xef\x82\xb7   CRA performance evaluations provide ratings of Outstanding, Satisfactory, Needs\n       to Improve, or Substantial Noncompliance, reflecting the institution\xe2\x80\x99s record of\n       helping to meet the credit needs of its assessment area.\n\nDCP\xe2\x80\x99s compliance examinations blend risk-focused and process-oriented approaches.\nRisk-focusing involves using information gathered about a financial institution to direct\nFDIC examiner resources to those operational areas that present the greatest compliance\nrisks. Concentrating on the institution\xe2\x80\x99s internal control infrastructure and methods,\nwhich is the process used to ensure compliance with federal consumer protection laws\n\n\n                                              44\n\x0c                                                                              Appendix 2\n\n               The FDIC\xe2\x80\x99s Examination Processes\nand regulations, acknowledges that the ultimate responsibility for compliance rests with\nthe institution and encourages examination efficiency.\n\nRisk-focusing involves:\n\n   \xef\x82\xb7   developing a compliance risk profile for an institution using various sources of\n       information about its business lines, organizational structure, operations, and past\n       supervisory performance;\n\n   \xef\x82\xb7   assessing the quality of an institution\xe2\x80\x99s compliance management system in light of\n       the risks associated with the level and complexity of its business operations and\n       product and service offerings; and\n\n   \xef\x82\xb7   testing selected transactions based on risk, such as when an operational area is\n       determined to be high-risk and the institution\xe2\x80\x99s compliance management efforts\n       appear weak.\n\nCompliance examinations primarily involve three stages: pre-examination planning;\nreview and analysis, both offsite and onsite; and communicating findings to institution\nmanagement through meetings and an examination report. Although compliance and risk\nmanagement examinations each have a different focus, the process for conducting\ncompliance examinations follows the same general phases identified above for risk\nmanagement examinations, except that the offsite review and analysis is considered part\nof the second phase. For ease of understanding, we have broken this phase into two parts\nbelow. DCP management confirmed that these compliance examination processes have\nbeen consistent for the 5-year scope of our review. The OIG plans to begin audit\ncoverage of DCP\xe2\x80\x99s operations in 2013.\n\nPre-Examination Planning. Pre-examination planning involves gathering information\navailable in FDIC records and databases, contacting the financial institution to review and\nnarrow the draft request for information and documents, and delivering a letter to the\ninstitution requesting specific information and documents for detailed analysis by the\nexamination team.\n\nReview and Analysis \xe2\x80\x93 Offsite. During the review and analysis phase of a compliance\nexamination, the examiner thoroughly evaluates an institution\xe2\x80\x99s compliance management\nsystem to assess its quality and effectiveness and documents system weaknesses and\nviolations of federal consumer protection laws and regulations. The EIC starts by\nanalyzing information about the type, level, and complexity of the institution\xe2\x80\x99s operations,\nand begins to develop the scope of the examination and plan for resource deployment to\nareas of highest risk. The examination scope will be preliminarily established prior to\nentering the financial institution and should be refined through the results of examiner\ndiscussions with the bank\xe2\x80\x99s senior management, compliance officer, and internal auditor.\n\n\n\n\n                                            45\n\x0c                                                                             Appendix 2\n\n               The FDIC\xe2\x80\x99s Examination Processes\nReview and Analysis \xe2\x80\x93 Onsite. While onsite at the institution, the examiner may limit\nthe scope of the compliance review based on reliable procedures and controls in place.\nSimilarly, the examiner may expand the review based on, for example, management\xe2\x80\x99s\nviews about compliance, a lack of necessary procedures or controls, the presence of\nviolations, or the presence of new or significantly amended regulations. The examiner\nmust consider the size, level, and complexity of an institution\xe2\x80\x99s operations when\nevaluating the adequacy of an institution\xe2\x80\x99s compliance management system. The number\nof transactions selected and the type of sampling used should be relative to the perceived\nrisk and the need to assess the level of compliance in an activity or function.\n\nAt the conclusion of the review and analysis phase, an examiner:\n\n   \xef\x82\xb7   summarizes all findings regarding the strengths and weaknesses of an institution\xe2\x80\x99s\n       compliance management system;\n\n   \xef\x82\xb7   determines the causes of programmatic deficiencies or violations and relates them\n       to the specific weaknesses in the banks\xe2\x80\x99 compliance management system; and\n\n   \xef\x82\xb7   identifies actions necessary to address deficiencies or violations.\n\nDetermining the causes of program deficiencies or violations is critical to recommending\nsolutions that will successfully address problem areas and strengthen an institution\xe2\x80\x99s\ncompliance posture for the future.\n\nCommunicating Findings. During this phase, the examiners must discuss findings and\nrecommendations with management and obtain a commitment for corrective action.\nThese discussions will be held during the course of the examination and at an exit\nmeeting with senior management and/or the institution\xe2\x80\x99s BOD.\n\nThe results of the examination will also be communicated to the BOD and management\nof the institution in an examination report. The examination report provides an account\nof the strengths and weaknesses of a compliance management system. It is more than an\nexception-based document and should add value to the institution\xe2\x80\x99s compliance efforts.\n\nKey dates used to track compliance examinations are the same as for risk management\nexaminations. Specifically, key dates measure the time from the Examination Start Date\n(when the examination team begins onsite work at the institution), to the Date\nExamination Completed (when the draft report is submitted for supervisory review), to\nthe Date Mailed (when the final report is sent to the institution).\n\n\n\n\n                                            46\n\x0c                                                                                                  Appendix 3\n                        Laws and Rules and Regulations\n   Examples of the laws and rules and regulations25 applicable to the FDIC\xe2\x80\x99s examination\n   and supervision processes are provided in Table 11.\n\nTable 11: Examples of Laws and Rules and Regulations Applicable to the FDIC\xe2\x80\x99s Examination\nand Supervision Processes\nLaw or Rules and\n                                                                     Description\n  Regulations\n\nFDI Act Sections\nSection 8              The FDIC may issue the following formal actions: termination of federal deposit insurance; cease-\n                       and-desist/consent actions; removal, prohibition, and suspension actions; and CMPs. Although not\n                       specifically authorized by section 8, the FDIC also may issue informal supervisory actions such as\n                       BBRs and MOUs.\nSection 10(c)          The FDIC may conduct an investigation outside the scope of an examination to obtain information\n                       related to a community bank\xe2\x80\x99s operations and/or its directors, officers, and employees.\nSection 38             This section authorizes the FDIC to issue PCA directives to institutions that are deemed to be in one\n                       of three Undercapitalized categories.26 Section 38 established PCA, which emphasizes early\n                       intervention and regulatory oversight to reduce the prospect of long-term losses to the DIF. PCA\n                       requires or permits certain supervisory actions based upon an insured institution's capital level. As\n                       the financial condition declines, the corrective measures become more stringent. Ultimately, the\n                       appointment of a conservator or a receiver may be required.\n\nFDIC Rules and Regulations\nPart 325 \xe2\x80\x93 Capital Applies to those circumstances for which the FDI Act or the FDIC Rules and Regulations require an\nMaintenance        evaluation of the adequacy of an insured depository institution\xe2\x80\x99s capital structure. The FDIC is\n                   required to evaluate an institution\xe2\x80\x99s capital position before approving various applications by\n                   insured depository institutions. The FDIC must also evaluate capital as an essential component in\n                   determining the safety and soundness of the state nonmember banks it insures and supervises,\n                   including PCA compliance.\nSection 326.8 \xe2\x80\x93    Requires each FDIC-supervised institution to develop and administer a program to ensure\nBSA Compliance     compliance with the BSA and 31 CFR Part 103. The institution\xe2\x80\x99s BOD must approve the\n                   compliance program in writing, and the program should include four minimum requirements: a\n                   system of internal controls, independent testing, designation of individuals responsible for\n                   coordinating and monitoring compliance, and training.\nSection 337.6 \xe2\x80\x93    Section 29 of the FDI Act and Part 337.6 of the FDIC Rules and Regulations address restrictions\nBrokered Deposits  placed on banks deemed to be less than Well Capitalized for PCA purposes, including brokered\n                   deposits and interest-rate risk restrictions.\nPart 364 \xe2\x80\x93         As prescribed by Part 364 of the FDIC Rules and Regulations, the federal banking agencies were\nStandards for      required to establish certain safety and soundness standards by regulation or by guidelines for all\nSafety and         insured depository institutions. More specifically, the FDIC and other federal banking agencies\nSoundness          have established appropriate operational and managerial, compensation, and asset quality, earnings,\n                   and stock valuation standards.\n\n\n   25\n      Refer to http://www.fdic.gov/regulations/laws/rules/index.html for additional information regarding\n   applicable laws and rules and regulations.\n   26\n      Part 325, subpart B, of the FDIC Rules and Regulations, 12 Code of Federal Regulations (CFR)\n   section 325.101, et. seq., implements section 38, Prompt Corrective Action, of the FDI Act, 12 United\n   States Code (USC) section 1831(o), by establishing a framework for determining capital adequacy and\n   taking supervisory actions against depository institutions that are in an unsafe or unsound condition.\n   The following terms are used to describe a financial institution\xe2\x80\x99s capital adequacy: (1) Well Capitalized,\n   (2) Adequately Capitalized, (3) Undercapitalized, (4) Significantly Undercapitalized, and (5) Critically\n   Undercapitalized.\n\n\n                                                         47\n\x0c                                                                                               Appendix 3\n                        Laws and Rules and Regulations\nTable 11: Examples of Laws and Rules and Regulations Applicable to the FDIC\xe2\x80\x99s Examination\nand Supervision Processes\nLaw or Rules and\n                                                                   Description\n  Regulations\n\nConsumer Protection Laws\nCommunity          The Community Reinvestment Act encourages federally insured banks to meet the credit needs of\nReinvestment Act   their entire community. Part 345 of the FDIC Rules and Regulations states that each appropriate\n                   federal financial supervisory agency is required to assess an institution\xe2\x80\x99s record of helping to meet\n                   the credit needs of the local communities in which the institution is chartered, consistent with the\n                   safe and sound operation of the institution, and to take this record into account in the agency's\n                   evaluation of an application for a deposit facility by the institution.\nEqual Credit       The Equal Credit Opportunity Act prohibits certain discriminatory practices, including creditor\nOpportunity Act    practices that discriminate based on race, color, religion, national origin, sex, marital status, or age.\n(Regulation B)\nFair and Accurate  The Fair and Accurate Credit Transaction Act strengthened the country\xe2\x80\x99s national credit reporting\nCredit             system and assists financial institutions and consumers in the fight against identity theft.\nTransaction Act\nFair Housing Act   The Fair Housing Act prohibits discrimination based on race, color, religion, national origin, sex,\n                   familial status, and handicap in residential real-estate-related transactions.\nHome Mortgage      The Home Mortgage Disclosure Act was enacted to provide information to the public and federal\nDisclosure Act     regulators regarding how depository institutions are fulfilling their obligations towards community\n(Regulation C)     housing needs. The regulation requires an institution to report data to its supervisory agency about\n                   home purchase loans, home improvement loans, and refinancings that it originates or purchases, or\n                   for which it receives applications; and to disclose certain data to the public.\nReal Estate        RESPA covers loans secured with a mortgage placed on a one-to-four family residential property.\nSettlement         These include most home purchase loans, assumptions, refinances, property improvement loans, and\nProcedures Act     equity lines of credit. RESPA requires that borrowers receive disclosures at various times. Some\n(RESPA)            disclosures spell out the costs associated with the settlement, outline lender servicing and escrow\n                   account practices, and describe business relationships between settlement service providers.\nTruth in Lending   Contained in Title I of the Consumer Credit Protection Act, the Truth in Lending Act requires\nAct                meaningful disclosure of credit and leasing terms. According to Section 226.1 of the FDIC Rules\n(Regulation Z)     and Regulations, the purpose of the implementing regulations is to promote the informed use of\n                   consumer credit by requiring disclosures about its terms and cost. The regulations also include\n                   substantive protections to consumers.\nUnfair or          Section 5 of the Federal Trade Commission Act (FTC Act) prohibits unfair or deceptive acts or\nDeceptive Acts or  practices in or affecting commerce. The prohibitions apply to all persons engaged in commerce,\nPractices          including banks. The prohibitions do not limit any agency\xe2\x80\x99s authority to enforce the FTC Act with\n(Regulation AA)    respect to any other unfair or deceptive acts or practices. An act or practice is unfair where it causes\n                   or is likely to cause substantial injury to consumers, cannot be reasonably avoided by consumers,\n                   and is not outweighed by countervailing benefits to consumers or to competition. An act or practice\n                   is deceptive where a representation, omission, or practice misleads or is likely to mislead the\n                   consumer or the consumer\xe2\x80\x99s interpretation of the representation, omission, or practice, and the\n                   misleading representation, omission, or practice is material.\nSources: FDIC OIG review of the FDI Act and FDIC Rules and Regulations; FDIC OIG Semiannual Report to the\nCongress, April 1, 2008 \xe2\x80\x93 September 30, 2008; Department of Housing and Urban Development Web site; Federal Trade\nCommission Web site; and coordination with DCP officials.\n\n\n\n\n                                                        48\n\x0c                                                                                          Appendix 4\n\n         Examiner and Financial Institution Guidance\nThe FDIC uses various means, some of which are indicated below, to communicate\npolicy and examination guidance to its examination staff and supervised and insured\nfinancial institutions.\n\nRD Memoranda and FILs. The FDIC has issued extensive guidance in the form of RD\nMemoranda and FILs to assist examiners and financial institutions in carrying out their\nresponsibilities. RD Memoranda and FILs have been issued on a variety of matters of\nprincipal interest to those responsible for examining or operating a bank or savings\nassociation such as, but not limited to, the UFIRS (CAMELS) rating system; capital, de\nnovo financial institutions, executive compensation, enforcement actions, PCA, and\nBSA/AML compliance.\n\nExamination Manuals. The FDIC has issued extensive guidance in the form of\nexamination manuals to assist examiners in conducting examinations of financial\ninstitutions and making appropriate decisions regarding the supervision of those\ninstitutions. For example:\n\n     \xef\x82\xb7   The Risk Management Manual of Examination Policies provides guidance on\n         such significant issues as, but not limited to, basic examination concepts and\n         guidelines, CAMELS, risk-scoping activities, visitations, limited scope\n         examinations, de novo financial institutions, reliance on and acceptance of state\n         examinations, and examination work papers. Although this manual provides\n         policy guidance and direction to examiners that should be applied in the risk\n         management examination process, other manuals and/or policy pertaining to\n         additional areas of examination interest, such as trust department operations,\n         brokered deposits, commercial real estate, and loan modifications have also been\n         developed.27\n\n     \xef\x82\xb7   The Compliance Examination Manual provides guidance on issues such as, but\n         not limited to, community reinvestment; fair lending laws and regulations;\n         compliance lending issues, including truth in lending, real estate settlement\n         procedures, homeowners protection, flood insurance, and home mortgage\n         disclosure; abusive lending practices; and consumer privacy issues.28\n\n     \xef\x82\xb7   The FFIEC BSA/Anti-Money Laundering Examination Manual (BSA/AML\n         Manual) provides guidance for BSA/AML-related examinations. The manual\n         also provides guidance on identifying and controlling risks associated with money\n         laundering and terrorist financing. The manual contains an overview of\n         BSA/AML compliance program requirements, BSA/AML risks and risk\n         management expectations, industry sound practices, and examination procedures.\n\n27\n   Refer to http://www.fdic.gov/regulations/safety/manual/ for additional information regarding the Risk\nManagement Manual of Examination Policies.\n28\n   Refer to http://www.fdic.gov/regulations/compliance/manual/index_pdf.html for additional information\non the FDIC\xe2\x80\x99s Compliance Examination Manual.\n\n\n                                                   49\n\x0c                                                                                          Appendix 4\n\n         Examiner and Financial Institution Guidance\n         The manual was developed through a collaborative effort by the federal and state\n         banking agencies and the Financial Crimes Enforcement Network, a bureau of the\n         U.S. Department of the Treasury, to ensure consistency in the application of the\n         BSA/AML requirements.29\n\n     \xef\x82\xb7   The Case Manager Procedures Manual30 provides guidance to case managers\n         who are responsible for assisting in the identification of risk and supervision for a\n         caseload of banks assigned to them. According to the manual:\n\n             \xef\x82\xb7   The primary goal of the FDIC\xe2\x80\x99s Case Manager program is to enhance risk\n                 assessment and supervision activities by assigning responsibility and\n                 accountability for a caseload of institutions or companies to one\n                 individual, regardless of charter and location, and by encouraging a more\n                 proactive, but non-intrusive, coordinated supervisory approach.\n\n             \xef\x82\xb7   An equally important goal of this program is to promote better\n                 communication and coordination between the FDIC, other regulators, and\n                 the banking industry so that a consistent regulatory voice is presented,\n                 while minimizing regulatory burden to the extent possible.\n\n             \xef\x82\xb7   The emphasis of the program is to ensure that the level of regulatory\n                 oversight applied to an institution is commensurate with the level of risk it\n                 poses to the DIF.\n\n     \xef\x82\xb7   The FIAP Manual31 provides guidance on formal and informal corrective actions,\n         such as cease and desist orders, termination of insurance coverage, PCA, CMPs,\n         BBRs, and MOUs. The FIAP Manual is intended to support the FDIC\xe2\x80\x99s field,\n         regional, and headquarters offices in their efforts to determine the authorities and\n         circumstances under which formal or informal actions should be considered\n         and/or the monitoring of actions imposed against FDIC-supervised financial\n         institutions.\n                                                                             32\nExamination Documentation (ED) Modules. The ED Modules              are an examination\ntool that focuses on risk management practices and guides examiners to establish the\nappropriate examination scope. The modules incorporate questions and points of\nconsideration into examination procedures to specifically address a bank\xe2\x80\x99s risk\nmanagement strategies for each of its major business activities. Although examiner use\nof the ED Modules is discretionary, the modules direct examiners to consider areas of\n\n29\n   Refer to http://www.ffiec.gov/bsa_aml_infobase/default.htm for additional information regarding the\nBSA/AML Manual. The Department of the Treasury\xe2\x80\x99s Office of Foreign Assets Control (OFAC) also\nassisted in developing sections of the BSA/AML Manual that relate to OFAC reviews.\n30\n   The FDIC\xe2\x80\x99s Case Manager Procedures Manual is not available online.\n31\n   The FDIC\xe2\x80\x99s FIAP Manual is not available online.\n32\n   The FDIC\xe2\x80\x99s ED Modules are not available online.\n\n\n                                                   50\n\x0c                                                                            Appendix 4\n\n       Examiner and Financial Institution Guidance\npotential and associated risk control practices, thereby facilitating a more effective\nsupervisory program. Guidance included in the ED Modules addresses issues such as:\n\n   \xef\x82\xb7   risk scoping activities,\n   \xef\x82\xb7   capital adequacy,\n   \xef\x82\xb7   loan portfolio management and review,\n   \xef\x82\xb7   earnings and liquidity,\n   \xef\x82\xb7   commercial and residential real estate lending,\n   \xef\x82\xb7   real estate appraisals, and\n   \xef\x82\xb7   subprime lending.\n\n\n\n\n                                           51\n\x0c                                                                                         Appendix 5\n\n                                  Examiner Training\nThe FDIC recognizes that training is an essential component of employee development\nand effective bank supervision and is committed to developing and maintaining a\nqualified examination workforce. The information presented below provides a synopsis\nof some of the methods that the FDIC uses to provide examiner training activities.33\n\nFDIC Corporate University. The FDIC launched the Corporate University during the\nsecond quarter of 2003 to provide a more customized approach to training the FDIC\xe2\x80\x99s\nworkforce. The Corporate University offers career-long learning and development\nopportunities to meet the FDIC\xe2\x80\x99s workforce needs; new employee and skills training; and\ncareer, professional, and leadership development. In addition, the Corporate University\nhas primary responsibility for the effective and efficient establishment, implementation,\ndesign, deliverance, maintenance, and evaluation of the FDIC\xe2\x80\x99s learning and professional\ndevelopment programs. The Corporate University provides opportunities for employees\nto learn more about the FDIC\xe2\x80\x99s major program areas of supervision (risk management\nand compliance), resolutions, and insurance and offers various courses related to each of\nthese areas.\n\nRequired Curriculum for Commissioned Examiners. The FDIC has established a risk\nmanagement and compliance training program in which examiners complete a specific\ncourse curriculum and OJT before becoming commissioned examiners. The curriculum\nconsists of (1) introduction to examinations, (2) financial institution analysis, (3) loan\nanalysis, (4) examination management, and (5) asset liability management. The\ncurriculum for compliance pre-commissioned examiners includes: (1) introduction to\ncompliance examinations, (2) compliance management, (3) CRA, and (4) fair lending. In\naddition, these courses include examiners from other federal and state regulatory\nagencies, contributing to a consistent framework of instruction and a cross-sharing of\nexperiences.\n\nEstablished Benchmarks. The FDIC issued benchmarks for risk management and\ncompliance examiner training in August 2004 that outline the duties and responsibilities\nthat fully successful examiners must demonstrate at each level of their career. The FDIC\nperiodically updates the benchmarks to provide additional guidance to examiners\nregarding training requirements.\n\nOJT Guides. The FDIC has published OJT guides for both RMS and compliance/CRA-\nrelated examinations. In June 2010, DSC (now RMS) updated online OJT reference\nguides for risk management and compliance examinations.\n\n      \xef\x82\xb7      The OJT guides provide instruction on issues such as allowance for loan and\n             lease losses, capital, liquidity, loan analysis, and internal controls. According\n             to the June 2010 transmittal memorandum, the OJT guide is an informal tool\n             for pre-commissioned examiners, including assistant examiners, mid-career\n33\n   Refer to http://www.fdic.gov/regulations/examiner/ for additional information on the FDIC\xe2\x80\x99s examiner\ntraining activities.\n\n\n                                                   52\n\x0c                                                                      Appendix 5\n\n                      Examiner Training\n    examiners, newly-hired examiners, and interns. The optional use of the guide,\n    along with classroom-based instruction, promotes consistent training for\n    examination staff. The RMS guide is not intended to be a \xe2\x80\x9cstep-by-step\n    instruction manual\xe2\x80\x9d and should be used in conjunction with other FDIC\n    guidance such as the Examination Manual, outstanding examination\n    guidelines, and the ED Modules.\n\n\xef\x82\xb7   The FDIC\xe2\x80\x99s compliance OJT guide is designed to support the pre-\n    commissioned examiner\xe2\x80\x99s development through the commissioning process.\n    According to the June 2010 update, the compliance guide is a formal OJT tool\n    for pre-commissioned examiners, including assistant examiners, mid-career\n    examiners, newly-hired examiners, and interns. The compliance guide\n    identifies examination tasks and instructions for pre-commissioned examiners,\n    as well as coaching guidelines for supervisors and trainers, but is not intended\n    to be a \xe2\x80\x9chow to manual\xe2\x80\x9d or the sole resource needed for commissioning\n    requirements. The training modules in the guide are not all-inclusive of a\n    pre-commissioned examiner\xe2\x80\x99s ongoing duties and responsibilities and should\n    be used in conjunction with other examination resources, including online and\n    classroom instruction. The guide is a mandatory training tool for pre-\n    commissioned compliance examiners.\n\n\n\n\n                                     53\n\x0c                                                                                           Appendix 6\n\n                                 FFIEC Task Forces\nThe FFIEC has six task forces that assist the Council in achieving its mission. More\nspecifically, each task force is composed of six senior officials, consisting of\nrepresentatives from each of the five member agencies and a representative of the SLC.\nAs indicated in Table 12, each of the six FFIEC Task Forces is responsible for\naddressing/overseeing matters of great significance and that contribute to examination\nand supervision consistency.\n\nTable 12: FFIEC Task Forces and Related Responsibilities and Duties\n   FFIEC\n   TASK                                       DESCRIPTION OF TASK FORCE\n  FORCE\n Examiner       Responsible for overseeing the FFIEC\xe2\x80\x99s examiner education program on behalf of the Council.\n Education      The task force promotes interagency education through timely, cost-efficient, state-of-the-art\n                training programs for agency examiners and staff. The task force develops programs on its own\n                initiative and in response to requests from the Council, Council task forces, and suggestions\n                brought forth by Examiner Education Office staff. The task force staff schedules, delivers, and\n                evaluates training programs throughout the year. In 2011, the number of people who attended\n                task force-sponsored training totaled 3,164.\n Supervision    Coordinates and oversees matters relating to safety and soundness supervision and examination\n                of depository institutions. It provides a forum for Council members to promote quality,\n                consistency, and effectiveness in examination and supervisory practices. While significant issues\n                are referred, with recommendations, to the Council for action, the Council has delegated to the\n                task force the authority to make certain decisions and recommendations, provided all task force\n                members agree.\n Reports        The law establishing the Council and defining its functions requires the Council to develop\n                uniform reporting systems for federally supervised financial institutions and their holding\n                companies and subsidiaries. Accordingly, the Council established the Task Force on Reports,\n                which helps to develop inter-agency uniformity in the reporting of periodic information that is\n                needed for effective supervision and other public policy purposes.\n Information    Promotes the sharing of electronic information among the FFIEC agencies in support of\n Sharing        supervision, regulation, and deposit insurance responsibilities of financial institution regulators.\n                The task force provides a forum for FFIEC members to discuss and address issues affecting the\n                quality, consistency, efficiency, and security of interagency information sharing. Significant\n                matters are referred, with recommendations, to the Council for action, and the task force has\n                delegated authority to take certain actions. To the extent possible, the agencies build on each\n                other\xe2\x80\x99s information databases to minimize duplication of effort and promote consistency.\n Surveillance   Oversees the development and implementation of uniform interagency surveillance and\n Systems        monitoring systems and discusses best practices to be used in those systems and to consider the\n                development of new financial analysis tools. The principal objective is to develop and produce\n                the Uniform Bank Performance Report presenting financial data and peer group statistics on\n                financial institutions. These reports are important tools for completing supervisory evaluations of\n                a financial institution\xe2\x80\x99s condition and performance, as well as for planning onsite examinations.\n                The banking agencies use the data from these reports to identify potential or emerging problems\n                in insured banks.\n Consumer       Promotes policy coordination, a common supervisory approach, and uniform enforcement of\n Compliance     consumer protection laws and regulations. The task force identifies and analyzes emerging\n                consumer compliance issues and develops proposed policies and procedures to foster consistency\n                among the agencies. Additionally, the task force reviews legislation, regulations, and policies at\n                the state and federal level that may have a bearing on the compliance responsibilities of the\n                member agencies.\nSource: FFIEC 2011 Annual Report.\n\n\n\n                                                   54\n\x0c                                                                                   Appendix 7\n\n                             Glossary of Terms\n     Term                                            Definition\n Administrative    In 1989, FIRREA directed the federal banking agencies to establish a pool\nLaw Judge (ALJ)    of ALJs to conduct hearings. In 1991, OFIA was created as the executive\n                   body responsible for processing administrative enforcement proceedings\n                   brought by the FDIC, OCC, FRB, or NCUA. The OFIA ALJ, an\n                   independent judicial officer, conducts hearings and rules on allegations of\n                   banking law violations initiated by one of the four federal banking agencies.\n\n  Bank Board       A BBR is an informal commitment adopted by a financial institution\xe2\x80\x99s BOD\nResolution (BBR)   (often at the request of the FDIC), directing the institution\xe2\x80\x99s personnel to\n                   take corrective action regarding specific noted deficiencies. A BBR may\n                   also be used as a tool to strengthen and monitor the institution\xe2\x80\x99s progress\n                   with regard to a particular component rating or activity.\n\nBank Secrecy Act   Codified at 31 USC 5311-5330, it gives the Department of the Treasury\n of 1970 (BSA)     broad powers to implement AML regulations for financial institutions.\n                   Such regulations are implemented by the Department of the Treasury\n                   through 31 CFR Part 103. The Act consists of two Titles: Title I, Financial\n                   Recordkeeping, and Title II, Reports of Currency and Foreign Transactions.\n                   Title I authorizes the Department of the Treasury to issue regulations\n                   requiring insured financial institutions to maintain certain records related to\n                   financial transactions. Title II directs the Department of the Treasury to\n                   prescribe regulations governing the reporting of certain transactions by and\n                   through financial institutions in excess of $10,000 into, out of, and within\n                   the United States.\n\n   CAMELS          Financial institution regulators and examiners use the Uniform Financial\n                   Institutions Rating System (UFIRS) to evaluate a bank\xe2\x80\x99s performance in six\n                   components represented by the CAMELS acronym. The six component\n                   areas are known as the CAMELS rating system (Capital adequacy, Asset\n                   quality, Management, Earnings, Liquidity, and Sensitivity to market risk).\n                   Evaluations of CAMELS components consider the institution\xe2\x80\x99s size and\n                   sophistication, the nature and complexity of its activities, and its risk\n                   profile. At risk management examinations, an institution is rated for each\n                   of the CAMELS components and assigned a composite rating, which\n                   generally bears a close relationship to the component ratings. The\n                   component and composite ratings are scored on a scale of 1 (best) to 5\n                   (worst).\n\n Case Manager      Case managers are responsible for assisting in the identification of risk and\n                   supervision for a caseload of banks assigned to them. The Case Manager\n                   program helps to (1) enhance risk assessment and supervision activities by\n                   assigning responsibility and accountability for a caseload of institutions or\n                   companies to one individual, regardless of charter and location, and by\n                   encouraging a more proactive, but non-intrusive, coordinated supervisory\n                   approach; (2) promote better communication and coordination between the\n                   FDIC, other regulators, and the banking industry; and (3) ensure that the\n\n\n                                              55\n\x0c                                                                                   Appendix 7\n\n                             Glossary of Terms\n     Term                                              Definition\n                   level of regulatory oversight applied to an institution is commensurate with\n                   the level of risk it poses to the DIF.\n\nCease and Desist   A cease and desist order is a formal enforcement action issued by a\n    Order          financial institution regulator to a bank or affiliated party to stop an unsafe\n                   or unsound practice or a violation of laws and regulations. A cease and\n                   desist order may be terminated under certain circumstances, including when\n                   the bank\xe2\x80\x99s condition has significantly improved and the action is no longer\n                   needed or the bank has materially complied with its terms.\n\n  Civil Money      CMPs can be imposed on financial institutions for violations of: final and\nPenalties (CMP)    temporary orders, written agreements with the FDIC, laws and regulations,\n                   and breaches of fiduciary duty. The Financial Institutions Regulatory and\n                   Interest Rate Control Act of 1978 granted the FDIC authority to levy CMPs\n                   against both insured financial institutions and individuals for violations of\n                   statutes. The Financial Institutions Reform, Recovery, and Enforcement Act\n                   of 1989 broadened the scope of conduct for which CMPs can be assessed\n                   and significantly increased the amount of the permissible penalties.\n\n Conference of     CSBS works to:\n  State Bank         \xef\x82\xb7    optimize the authority of individual states to determine the activities\n  Supervisors             of their financial institutions;\n    (CSBS)           \xef\x82\xb7    enhance the professionalism of state banking departments and their\n                          personnel;\n                     \xef\x82\xb7    represent the interests of the state banking system to federal and state\n                          legislative and regulatory agencies; and\n                     \xef\x82\xb7    ensure that all banks continue to have the choice and flexibility of\n                          the state charter in the new era of financial modernization.\n\n    FDIC           The FDIC\xe2\x80\x99s supervision program promotes the safety and soundness of\n  Supervision      FDIC-supervised institutions, protects consumers\xe2\x80\x99 rights, and promotes\n   Program         community investment initiatives by FDIC-supervised institutions. The\n                   FDIC\xe2\x80\x99s:\n\n                     \xef\x82\xb7    RMS (1) performs risk management examinations of FDIC-\n                          supervised institutions to assess their overall financial condition,\n                          management policies and practices (including internal control\n                          systems), and compliance with applicable laws and regulations;\n                          (2) issues related guidance to institutions and examiners; and\n                          (3) conducts specialty examinations, which are usually conducted\n                          during risk management examinations and include coverage of trust\n                          departments, information technology, and institution compliance\n                          with the BSA.\n\n\n\n\n                                              56\n\x0c                                                                                  Appendix 7\n\n                              Glossary of Terms\n     Term                                           Definition\n                      \xef\x82\xb7    DCP conducts examinations to assess an institution\xe2\x80\x99s compliance\n                           with consumer protection statutes and regulations for all state\n                           nonmember banks that are not subject to the primary jurisdiction of\n                           the Consumer Financial Protection Bureau (CFPB). As part of the\n                           compliance examination process, the FDIC reviews substantive\n                           compliance issues as well as the accuracy and completeness of\n                           information and disclosures that institutions provide to consumers.\n                           The FDIC also conducts CRA performance evaluations for all state\n                           nonmember banks.\n\nFederal Financial   The FFIEC is a formal interagency body empowered to: (1) prescribe\n  Institutions      uniform principles, standards, and report forms for the federal examination\n  Examination       of financial institutions by the FRB, FDIC, NCUA, OCC, and CFPB; and\nCouncil (FFIEC)     (2) make recommendations to promote uniformity in the supervision of\n                    financial institutions.\n\n Guidelines for     As required by Section 309(a) of the Riegle Act (Public Law No. 103-325,\n   Appeals of       108 Stat. 2160), the FDIC is required to establish an independent intra-\n    Material        agency appellate process to review material supervisory determinations\n  Supervisory       made at insured depository institutions that it supervises. The Guidelines\n Determinations     for Appeals describe the types of determinations that are eligible for review\n (Guidelines for    and the process by which appeals will be considered and decided. The\n    Appeals)        procedures set forth in these guidelines establish an appeals process for the\n                    review of material supervisory determinations by the SARC.\n\n    Material        As outlined in the FDIC\xe2\x80\x99s Guidelines for Appeals, material supervisory\n  Supervisory       determinations may include, but are not limited to: ratings assigned by\n Determinations     examiners, including CAMELS and compliance/CRA ratings; conclusions\n                    regarding the adequacy of the bank\xe2\x80\x99s allowance for loan and lease losses;\n                    and other supervisory determinations that may impact the bank\xe2\x80\x99s capital,\n                    earnings, or capital category for PCA purposes, or otherwise affect the\n                    nature and level of supervisory oversight accorded an institution.\n\nMemorandum of       An MOU is an informal agreement between the institution and the FDIC,\nUnderstanding       which is signed by both parties. The State Authority may also be party to\n   (MOU)            the agreement. MOUs are designed to address and correct identified\n                    weaknesses in an institution\xe2\x80\x99s condition.\n\n Problem Bank       A problem financial institution is defined as any insured institution which\n Memorandum         has been assigned a composite rating of 4 or 5 by its primary federal\n                    regulator or by the FDIC. A problem bank memorandum documents the\n                    FDIC\xe2\x80\x99s concerns with an institution and the corrective action in place or to\n                    be implemented. While an institution assigned a composite rating of 3 is\n                    not usually considered to be a problem institution, a problem bank\n                    memorandum is required on larger institutions assigned a composite rating\n\n\n\n                                              57\n\x0c                                                                                    Appendix 7\n\n                              Glossary of Terms\n     Term                                             Definition\n                    of 3 as a means to document the FDIC\xe2\x80\x99s concerns and plans, due to the\n                    potential risk to the DIF. The problem bank memorandum is also used to\n                    effect interim rating changes in the FDIC\xe2\x80\x99s systems.\n\n    Prompt          The purpose of PCA is to resolve the problems of insured depository\nCorrective Action   institutions at the least possible long-term cost to the DIF. Part 325, subpart\n     (PCA)          B, of the FDIC Rules and Regulations, 12 CFR section 325.101, et. seq.,\n                    implements section 38, Prompt Corrective Action, of the FDI Act, 12 USC\n                    section 1831(o), by establishing a framework for determining capital\n                    adequacy and taking supervisory actions against depository institutions that\n                    are in an unsafe or unsound condition. The following terms are used to\n                    describe capital adequacy: (1) Well Capitalized, (2) Adequately Capitalized,\n                    (3) Undercapitalized, (4) Significantly Undercapitalized, and (5) Critically\n                    Undercapitalized.\n\n                    A PCA Directive is a formal enforcement action seeking corrective action\n                    or compliance with the PCA statute with respect to an institution that falls\n                    within any of the three categories of undercapitalized institutions.\n\n Supervision        Section 309(a) of the Riegle Act (Public Law No. 103-325, 108 Stat. 2160),\nAppeals Review      required the FDIC to establish an independent intra-agency appellate\n  Committee         process to review material supervisory determinations made at insured\n   (SARC)           depository institutions that it supervises. In addition, the Riegle Act\n                    requires the FDIC to hear and decide appeals in an expeditious manner and\n                    protect appellants from retaliation by agency examiners.\n\n   Uniform          Refer to the definition for CAMELS.\n   Financial\n  Institutions\n Rating System\n   (UFIRS)\n\n    Uniform         For compliance/CRA examinations, financial institution regulators and\n  Interagency       examiners use the Uniform Interagency Consumer Compliance Rating\n   Consumer         System (Rating System) approved by the FFIEC. Under the uniform rating\n  Compliance        system, each financial institution is assigned a consumer compliance rating\n Rating System      predicated upon an evaluation of the nature and extent of its present\n                    compliance with consumer protection and civil rights statutes and\n                    regulations and the adequacy of its operating systems designed to ensure\n                    compliance on a continuing basis. The rating system is based upon a scale\n                    of 1 through 5 in increasing order of supervisory concern.\n\n\n\n\n                                               58\n\x0c                                                                           Appendix 8\n                              Acronyms\nAcronym   Explanation\nALJ       Administrative Law Judge\nAML       Anti-Money Laundering\nBBR       Bank Board Resolution\nBOD       Board of Directors\nBSA       Bank Secrecy Act\nCAMELS    Capital, Asset Quality, Management, Earnings, Liquidity and Sensitivity to\n          Market Risk\nCFPB      Consumer Financial Protection Bureau\nCMP       Civil Money Penalty\nCRA       Community Reinvestment Act\nCSBS      Conference of State Bank Supervisors\nDCP       Division of Depositor and Consumer Protection\nDIF       Deposit Insurance Fund\nDIR       Division of Insurance and Research\nDSC       Division of Supervision and Consumer Protection\nED        Examination Documentation\nEIC       Examiner-in-Charge\nFDI       Federal Deposit Insurance\nFFIEC     Federal Financial Institutions Examination Council\nFIAP      Formal and Informal Action Procedures\nFIL       Financial Institution Letter\nFIRREA    Financial Institutions Reform, Recovery, and Enforcement Act of 1989\nFRB       Board of Governors of the Federal Reserve System\nICRS      Internal Control and Review Section\nMOU       Memorandum of Understanding\nNCUA      National Credit Union Administration\nOATS      Ombudsman Automated Tracking System\nOCC       Office of the Comptroller of the Currency\nOCFI      Office of Complex Financial Institutions\nOFAC      Office of Foreign Assets Control\nOFIA      Office of Financial Institution Adjudication\nOIG       Office of Inspector General\nOJT       On-the-Job Training\nOLA       Office of Legislative Affairs\nOO        Office of the Ombudsman\nPCA       Prompt Corrective Action\nRD        Regional Directors\nRMS       Division of Risk Management Supervision\nROE       Report of Examination\nSARC      Supervision Appeals Review Committee\nSBC       Senate Committee on Banking, Housing, and Urban Affairs\nSLC       State Liaison Committee\nUFIRS     Uniform Financial Institutions Rating System\nViSION    Virtual Supervisory Information on the Net\n\n\n                                      59\n\x0c                                                                                     Appendix 9\n                    Corporation Comments\n_____________________________________________________________\n\n\n\n\nFederal Deposit Insurance Corporation\n550 17th Street NW, Washington, D.C. 20429-9990                         Division of Risk Management Supervision\n\n\n                                                           August 29, 2012\n\n Jon T. Rymer\n Inspector General\n Federal Deposit Insurance Corporation\n 3501 Fairfax Drive, Arlington, VA\n Arlington, VA 22226\n\n Re: Response to Draft Audit Report Entitled The FDIC\xe2\x80\x99s Examination Process for Small\n Community Banks (2012-041)\n\n Dear Mr. Rymer:\n\n The FDIC has reviewed the Inspector General\xe2\x80\x99s (IG) draft report entitled, \xe2\x80\x9cThe FDIC\xe2\x80\x99s\n Examination Process for Small Community Banks\xe2\x80\x9d (Draft Report). We appreciate the Draft\n Report\xe2\x80\x99s thoroughness and the opportunity to comment on its findings. The Draft Report\n acknowledges that the FDIC has implemented a nationwide program for planning, conducting,\n reporting and evaluating the effectiveness of our examination of FDIC-supervised community\n institutions and contains no recommendations for improvement in any of the areas under review.\n\n We concur that the examination cycle and report processing timeframes increased as a result of\n the deteriorating condition of examined institutions and the complexity associated with an\n increasing number of troubled institutions. In this respect, the Draft Report recognizes that the\n FDIC\xe2\x80\x99s processes and controls continued to evolve during this time. It also notes the FDIC\xe2\x80\x99s\n longstanding quality control practices that promote consistency in the examination process and\n encourage examiners and bankers to make good-faith attempts to resolve disputes through\n informal discussions during examinations.\n\n With respect to the formal dispute resolution process, the Draft Report confirmed the FDIC\xe2\x80\x99s\n analysis that the 2007-2009 financial crisis and related CAMELS rating changes were largely\n responsible for a number of formal reviews and appeals not being processed within the agency\xe2\x80\x99s\n self-imposed timeframes. The FDIC Board of Directors approved changes to the decisional\n deadlines in early 2010 that rectified these types of delays. These changes have enabled formal\n review and appeals to be analyzed and processed within more realistic timeframes. Since being\n implemented, the new decisional deadlines have been met with only one minor exception.\n\n Finally, the Draft Report recognizes the various initiatives the FDIC has undertaken to further its\n dialogue with community banks, including the establishment of the FDIC\xe2\x80\x99s Advisory Committee\n on Community Banking, as well as other steps the agency has undertaken to ensure important\n community banking-related issues are identified, discussed and addressed. In addition, the Draft\n Report notes the FDIC is also developing guidance to assist community banks and smaller\n institutions understand and appropriately implement new and revised rules and regulations.\n\n\n\n\n                                                  60\n\x0c                                                                                    Appendix 9\n                       Corporation Comments\n   _____________________________________________________________\n\nMr. Jon T. Rymer\nAugust 29, 2012\nPage 2\n\nThe FDIC believes these efforts ensure the accuracy and fairness of the examination program\nand related dispute resolution processes for individual institutions, as well as the consistent\ntreatment and application of examination procedures among all FDIC-supervised institutions. As\nsuch, we are pleased your Draft Report affirms FDIC\xe2\x80\x99s ongoing commitment to maintain a\ndynamic and responsive examination process as well as prudent and safe and sound banking\nstandards.\n\nThank you for the opportunity to review the Draft Report.\n\n\n                                                      Sincerely,\n\n                                                      /signed/\n\n                                                      Sandra L. Thompson\n                                                      Director\n                                                      Division of Risk Management Supervision\n\n\n\n\n                                                 61\n\x0c"